Skip to content

ext/sockets: follow-up on AF_PACKET support. #17657

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 13 commits into from
Closed

ext/sockets: follow-up on AF_PACKET support. #17657

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
5411062
ext/sockets: follow-up on AF_PACKET support.
devnexen Jan 31, 2025
93d0480
add more ethernet frame protocols support on reception
devnexen Feb 2, 2025
27109f9
expose needed ETH_FRAME_LEN, fix socket_sendto, test.
devnexen Feb 3, 2025
cb62974
fix object creation
devnexen Feb 3, 2025
e017a32
fix leaks on failure
devnexen Feb 3, 2025
e4de953
update test
devnexen Feb 3, 2025
4847c79
further leak fixes, removing AF_PACKET handling for addrinfo_connect.
devnexen Feb 7, 2025
23060fe
little buffer adjustments boundaries before more important changes.
devnexen Feb 7, 2025
df81dda
test packet send/recv.
devnexen Feb 9, 2025
fe00896
fix ethernet frame loop case.
devnexen Feb 11, 2025
ba41f45
add inner ether frame for loopback interface data.
devnexen Feb 11, 2025
eb41f3f
fix leaks and test
devnexen Feb 11, 2025
da14f3e
forbids non SOCK_RAW socket with AF_PACKET for the moment.
devnexen Feb 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ext/sockets/config.m4
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ PHP_ARG_ENABLE([sockets],

if test "$PHP_SOCKETS" != "no"; then
AC_CHECK_FUNCS([hstrerror if_nametoindex if_indextoname sockatmark])
AC_CHECK_HEADERS([sys/sockio.h linux/filter.h linux/if_packet.h linux/if_ether.h])
AC_CHECK_HEADERS([sys/sockio.h linux/filter.h linux/if_packet.h linux/if_ether.h netinet/ether.h])
AC_DEFINE([HAVE_SOCKETS], [1],
[Define to 1 if the PHP extension 'sockets' is available.])

Expand Down
4 changes: 4 additions & 0 deletions ext/sockets/php_sockets.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,10 @@ typedef struct {

extern PHP_SOCKETS_API zend_class_entry *socket_ce;

#ifdef AF_PACKET
extern PHP_SOCKETS_API zend_class_entry *socket_ethinfo_ce;
#endif

static inline php_socket *socket_from_obj(zend_object *obj) {
return (php_socket *)((char *)(obj) - XtOffsetOf(php_socket, std));
}
Expand Down
155 changes: 138 additions & 17 deletions ext/sockets/sockets.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@
# include <netdb.h>
# include <netinet/in.h>
# include <netinet/tcp.h>
# include <netinet/udp.h>
# include <sys/un.h>
# include <arpa/inet.h>
# include <sys/time.h>
Expand All @@ -54,6 +55,11 @@
# ifdef HAVE_IF_NAMETOINDEX
# include <net/if.h>
# endif
# ifdef HAVE_NETINET_ETHER_H
# include <netinet/ether.h>
# include <netinet/ip.h>
# include <linux/ipv6.h>
# endif
# if defined(HAVE_LINUX_SOCK_DIAG_H)
# include <linux/sock_diag.h>
# else
Expand Down Expand Up @@ -120,6 +126,9 @@ static PHP_RSHUTDOWN_FUNCTION(sockets);

zend_class_entry *socket_ce;
static zend_object_handlers socket_object_handlers;
#ifdef AF_PACKET
zend_class_entry *socket_ethinfo_ce;
#endif

static zend_object *socket_create_object(zend_class_entry *class_type) {
php_socket *intern = zend_object_alloc(sizeof(php_socket), class_type);
Expand Down Expand Up @@ -482,6 +491,9 @@ static PHP_MINIT_FUNCTION(sockets)
socket_object_handlers.get_gc = socket_get_gc;
socket_object_handlers.compare = zend_objects_not_comparable;

#if defined(AF_PACKET)
socket_ethinfo_ce = register_class_SocketEthernetInfo();
#endif
address_info_ce = register_class_AddressInfo();
address_info_ce->create_object = address_info_create_object;
address_info_ce->default_object_handlers = &address_info_object_handlers;
Expand Down Expand Up @@ -1388,7 +1400,7 @@ PHP_FUNCTION(socket_bind)
struct sockaddr_ll *sa = (struct sockaddr_ll *) sock_type;
socklen_t sa_len = sizeof(sa);

if (getsockname(php_sock->bsd_socket, sock_type, &sa_len) < 0) {
if (getsockname(php_sock->bsd_socket, (struct sockaddr *)sa, &sa_len) < 0) {
zend_value_error("invalid AF_PACKET socket");
RETURN_THROWS();
}
Expand Down Expand Up @@ -1503,7 +1515,9 @@ PHP_FUNCTION(socket_recvfrom)
struct sockaddr_in6 sin6;
#endif
#ifdef AF_PACKET
//struct sockaddr_ll sll;
struct sockaddr_ll sll;
int protoid;
socklen_t protoidlen = sizeof(protoid);
#endif
char addrbuf[INET6_ADDRSTRLEN];
socklen_t slen;
Expand Down Expand Up @@ -1532,6 +1546,15 @@ PHP_FUNCTION(socket_recvfrom)
RETURN_FALSE;
}

#ifdef AF_PACKET
// ethernet header + payload
// possibly follow-up PR SOCK_DGRAM
if (php_sock->type == AF_PACKET && arg3 < 60) {
zend_argument_value_error(3, "must be at least 60 for AF_PACKET");
RETURN_THROWS();
}
#endif

recv_buf = zend_string_alloc(arg3 + 1, 0);

switch (php_sock->type) {
Expand Down Expand Up @@ -1610,14 +1633,19 @@ PHP_FUNCTION(socket_recvfrom)
break;
#endif
#ifdef AF_PACKET
/*
case AF_PACKET:
// TODO expose and use proper ethernet frame type instead i.e. src mac, dst mac and payload to userland
// ditto for socket_sendto
getsockopt(php_sock->bsd_socket, SOL_SOCKET, SO_TYPE, (char *) &protoid, &protoidlen);

// TODO: SOCK_DGRAM support
if (protoid != SOCK_RAW) {
zend_argument_value_error(1, "must be SOCK_RAW socket type");
RETURN_THROWS();
}
slen = sizeof(sll);
memset(&sll, 0, sizeof(sll));
sll.sll_family = AF_PACKET;
char ifrname[IFNAMSIZ];
zval zpayload;

retval = recvfrom(php_sock->bsd_socket, ZSTR_VAL(recv_buf), arg3, arg4, (struct sockaddr *)&sll, (socklen_t *)&slen);

Expand All @@ -1626,20 +1654,93 @@ PHP_FUNCTION(socket_recvfrom)
zend_string_efree(recv_buf);
RETURN_FALSE;
}
ZSTR_LEN(recv_buf) = retval;
ZSTR_VAL(recv_buf)[ZSTR_LEN(recv_buf)] = '\0';

if (UNEXPECTED(!if_indextoname(sll.sll_ifindex, ifrname))) {
PHP_SOCKET_ERROR(php_sock, "unable to get the interface name", errno);
zend_string_efree(recv_buf);
RETURN_FALSE;
}

ZEND_TRY_ASSIGN_REF_NEW_STR(arg2, recv_buf);
struct ethhdr *e = (struct ethhdr *)ZSTR_VAL(recv_buf);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My understanding is that this is only valid for SOCK_RAW packets (not SOCK_DGRAM). As only SOCK_RAW is supported yet, we should error when an other socket type is passed, until we add support for them.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agreed

unsigned short protocol = ntohs(e->h_proto);
unsigned char *payload;

zval obj;
object_init_ex(&obj, socket_ethinfo_ce);
array_init(&zpayload);

switch (protocol) {
case ETH_P_IP: {
payload = ((unsigned char *)e + sizeof(struct ethhdr));
struct iphdr *ip = (struct iphdr *)payload;
unsigned char *ipdata = payload + (ip->ihl * 4);
struct in_addr s, d;
s.s_addr = ip->saddr;
d.s_addr = ip->daddr;
add_assoc_string(&zpayload, "ipsrc", inet_ntoa(s));
add_assoc_string(&zpayload, "ipdst", inet_ntoa(d));

switch (ip->protocol) {
case IPPROTO_TCP: {
struct tcphdr *tcp = (struct tcphdr *)ipdata;
add_assoc_long(&zpayload, "portsrc", ntohs(tcp->th_sport));
add_assoc_long(&zpayload, "portdst", ntohs(tcp->th_dport));
break;
}
case IPPROTO_UDP: {
struct udphdr *udp = (struct udphdr *)ipdata;
add_assoc_long(&zpayload, "portsrc", ntohs(udp->uh_sport));
add_assoc_long(&zpayload, "portdst", ntohs(udp->uh_dport));
break;
}
default:
zend_string_efree(recv_buf);
zval_ptr_dtor(&zpayload);
zval_ptr_dtor(&obj);
zend_value_error("unsupported ip header protocol");
RETURN_THROWS();
}
break;
}
case ETH_P_IPV6: {
payload = ((unsigned char *)e + sizeof(struct ethhdr));
struct ipv6hdr *ip = (struct ipv6hdr *)payload;
char s[INET6_ADDRSTRLEN], d[INET6_ADDRSTRLEN];
inet_ntop(AF_INET6, &ip->saddr, s, sizeof(s));
inet_ntop(AF_INET6, &ip->daddr, d, sizeof(d));
add_assoc_string(&zpayload, "ipsrc", s);
add_assoc_string(&zpayload, "ipdst", d);
break;
}
case ETH_P_LOOP: {
struct ethhdr *innere = (struct ethhdr *)((unsigned char *)e + ETH_HLEN);
add_assoc_string(&zpayload, "macsrc", ether_ntoa((struct ether_addr *)innere->h_source));
add_assoc_string(&zpayload, "macdst", ether_ntoa((struct ether_addr *)innere->h_dest));
break;
}
default:
zend_string_efree(recv_buf);
zval_ptr_dtor(&zpayload);
zval_ptr_dtor(&obj);
zend_value_error("unsupported ethernet protocol");
RETURN_THROWS();
}

Z_DELREF(zpayload);
zend_string_efree(recv_buf);
zend_update_property(Z_OBJCE(obj), Z_OBJ(obj), ZEND_STRL("socket"), arg1);
zend_update_property_string(Z_OBJCE(obj), Z_OBJ(obj), ZEND_STRL("macsrc"), ether_ntoa((struct ether_addr *)e->h_source));
zend_update_property_string(Z_OBJCE(obj), Z_OBJ(obj), ZEND_STRL("macdst"), ether_ntoa((struct ether_addr *)e->h_dest));
zend_update_property_long(Z_OBJCE(obj), Z_OBJ(obj), ZEND_STRL("ethprotocol"), protocol);
zend_update_property(Z_OBJCE(obj), Z_OBJ(obj), ZEND_STRL("payload"), &zpayload);

ZEND_TRY_ASSIGN_REF_VALUE(arg2, &obj);
ZEND_TRY_ASSIGN_REF_STRING(arg5, ifrname);
ZEND_TRY_ASSIGN_REF_LONG(arg6, sll.sll_ifindex);

if (arg6) {
ZEND_TRY_ASSIGN_REF_LONG(arg6, sll.sll_ifindex);
}
break;
*/
#endif
default:
zend_argument_value_error(1, "must be one of AF_UNIX, AF_INET, or AF_INET6");
Expand All @@ -1661,7 +1762,10 @@ PHP_FUNCTION(socket_sendto)
struct sockaddr_in6 sin6;
#endif
#ifdef AF_PACKET
//struct sockaddr_ll sll;
struct sockaddr_ll sll;
unsigned char halen;
int protoid;
socklen_t protoidlen = sizeof(protoid);
#endif
int retval;
size_t buf_len;
Expand Down Expand Up @@ -1694,6 +1798,15 @@ PHP_FUNCTION(socket_sendto)
RETURN_THROWS();
}

#ifdef AF_PACKET
// ether header + payload
// TODO dealing with SOCK_DGRAM
if (php_sock->type == AF_PACKET && len < 60) {
zend_argument_value_error(3, "must be at least 64 for AF_PACKET");
RETURN_THROWS();
}
#endif

switch (php_sock->type) {
case AF_UNIX:
memset(&s_un, 0, sizeof(s_un));
Expand Down Expand Up @@ -1738,23 +1851,33 @@ PHP_FUNCTION(socket_sendto)
break;
#endif
#ifdef AF_PACKET
/*
case AF_PACKET:
getsockopt(php_sock->bsd_socket, SOL_SOCKET, SO_TYPE, (char *) &protoid, &protoidlen);

// TODO: SOCK_DGRAM support
if (protoid != SOCK_RAW) {
zend_argument_value_error(1, "must be SOCK_RAW socket type");
RETURN_THROWS();
}
if (port_is_null) {
zend_argument_value_error(6, "cannot be null when the socket type is AF_PACKET");
RETURN_THROWS();
}

halen = ZSTR_LEN(addr) > ETH_ALEN ? ETH_ALEN : (unsigned char)ZSTR_LEN(addr);

memset(&sll, 0, sizeof(sll));
memcpy(sll.sll_addr, addr, halen);
sll.sll_family = AF_PACKET;
sll.sll_ifindex = port;
sll.sll_halen = halen;

retval = sendto(php_sock->bsd_socket, buf, ((size_t)len > buf_len) ? buf_len : (size_t)len, flags, (struct sockaddr *) &sin, sizeof(sin));
// TODO allows to use more user friendly type to replace raw buffer usage
retval = sendto(php_sock->bsd_socket, buf, ((size_t)len > buf_len) ? buf_len : (size_t)len, flags, (struct sockaddr *) &sll, sizeof(sll));
break;
*/
#endif
default:
zend_argument_value_error(1, "must be one of AF_UNIX, AF_INET, or AF_INET6");
zend_argument_value_error(1, "must be one of AF_UNIX, AF_INET, AF_PACKET or AF_INET6");
RETURN_THROWS();
}

Expand Down Expand Up @@ -2880,8 +3003,6 @@ PHP_FUNCTION(socket_addrinfo_connect)

ai = Z_ADDRESS_INFO_P(arg1);

PHP_ETH_PROTO_CHECK(ai->addrinfo.ai_protocol, ai->addrinfo.ai_family);

object_init_ex(return_value, socket_ce);
php_sock = Z_SOCKET_P(return_value);

Expand Down
21 changes: 21 additions & 0 deletions ext/sockets/sockets.stub.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2013,6 +2013,11 @@
* @cvalue ETH_P_ALL
*/
const ETH_P_ALL = UNKNOWN;
/**
* @var int
* @cvalue ETH_FRAME_LEN
*/
const ETH_FRAME_LEN = UNKNOWN;
#endif

/**
Expand Down Expand Up @@ -2156,3 +2161,19 @@ function socket_wsaprotocol_info_import(string $info_id): Socket|false {}

function socket_wsaprotocol_info_release(string $info_id): bool {}
#endif

#ifdef AF_PACKET
final class SocketEthernetInfo
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion: In order to reduce the overhead of converting the raw packet to an object, we could make all the props virtual and store the raw packet directly in zend_object (in place of properties_table). Additionally we could expose the raw packet as a property. We could even reuse SocketEthernetInfo instances if we let users pass an instance as argument.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I ll see what I can do in a following PR

{
/** @readonly **/
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you use the @readonly annotation instead of real readonly properties?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This object will be rewritten in a following PR anyway.

public Socket $socket;
Comment on lines +2166 to +2169
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion: Add a constructor taking a raw packet as argument, so that people can create their own instances of this class. This would be useful at least in tests.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes I planned this at some point.

/** @readonly **/
public int $ethprotocol;
/** @readonly **/
public string $macsrc;
/** @readonly **/
public string $macdst;
/** @readonly **/
public array $payload;
Comment on lines +2176 to +2177
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion: Expose the payload as a raw string, and expose the parsed payload separately as an object (null when we don't support the protocol). The object would be instantiated on the fly, too.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok as object, not sure of the value of raw payload but I can always add it sure.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The raw payload would be useful when the application wants to log packets, or forward them without changing. It's also useful when the object is null due to not being a supported protocol. Also, having the raw payload (always) and the object (when supported) is forward compatible.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh I see. I can get behind it indeed then.

}
#endif
48 changes: 47 additions & 1 deletion ext/sockets/sockets_arginfo.h
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading