RTPS contrib layer

[phretor]

Check this branch for detailed history of this change: https://github.com/phretor/scapy/commits/rtps

Disclaimer: I'm not sure this is the right way to bind layers that are not restricted to a non-fixed port range, so I put a comment. Let me or @vmayoral know if you prefer to enable the "ugly hack". All dissection tests pass even now.

# layer binding
# for port in range(7400, 7500):  # very ugly hack :-)
#     bind_layers(UDP, RTPS, dport=port)
#     bind_layers(TCP, RTPS, dport=port)

bind_layers(UDP, RTPS)
bind_layers(RTPS, RTPSMessage, magic=b"RTPS")
bind_layers(RTPS, RTPSMessage, magic=b"RTPX")

Co-authored-by: Federico Maggi fede@maggi.cc
Co-authored-by: Víctor Mayoral Vilches v.mayoralv@gmail.com
Signed-off-by: Federico Maggi fede@maggi.cc

[phretor]

Looks like a test unrelated to this PR is not passing.

######
## ISOTPSoftSocket MITM attack tests
######
###(047)=[failed] Send a two-frame ISOTP message with padding
>>> acks = TestSocket(CAN)
>>> cans = TestSocket(CAN)
>>> acks.pair(cans)
>>> 
>>> acker = AsyncSniffer(opened_socket=acks, store=False, prn=lambda x: acks.send(CAN(identifier = 0x241, data=dhex("30 00 00"))), timeout=1, count=1)
>>> acker.start()
>>> with TestSocket(CAN) as isocan, ISOTPSoftSocket(isocan, sid=0x641, did=0x241, padding=True) as s:
...     acks.pair(isocan)
...     cans.pair(isocan)
...     s.send(ISOTP(data=dhex("01 02 03 04 05 06 07 08")))
...     can = cans.sniff(timeout=1, count=1)[0]
...     assert(can.identifier == 0x641)
...     assert(can.data == dhex("10 08 01 02 03 04 05 06"))
...     can = cans.sniff(timeout=1, count=1)[0]
...     assert(can.identifier == 0x241)
...     assert(can.data == dhex("30 00 00"))
...     can = cans.sniff(timeout=1, count=1)[0]
...     assert(can.identifier == 0x641)
...     assert(can.data == dhex("21 07 08 CC CC CC CC CC"))
... 
11
Traceback (most recent call last):
  File "<input>", line 7, in <module>
AssertionError
UTscapy ended with error code 1
SocketCAN support: False
Using PythonCANSocket virtual
SocketCAN support: False
Using PythonCANSocket virtual
SocketCAN support: False
Using PythonCANSocket virtual
SocketCAN support: False
Using PythonCANSocket virtual
SocketCAN support: False
Using PythonCANSocket virtual
SocketCAN support: False
Using PythonCANSocket virtual
SocketCAN support: False
Using PythonCANSocket virtual
SocketCAN support: False
Using PythonCANSocket virtual
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
TEST SKIPPED: can-isotp not available
SocketCAN support: False
Using PythonCANSocket virtual
ERROR: InvocationError for command 'C:\projects\scapy\.tox\py37-windows\Scripts\python' -m coverage run -m scapy.tools.UTscapy -c test/configs/windows.utsc (exited with code 1)
___________________________________ summary ___________________________________
ERROR:   py37-windows: commands failed
Command exited with code 1

[polybassa]

Sorry, I'm working on a fix...

[phretor]

Bump ☺️

[polybassa]

Did you rebased on the current master? -- Viele Grüße Nils Weiß

…

On October 17, 2021 9:34:37 AM GMT+02:00, Federico Maggi ***@***.***> wrote: Bump ☺️> > -- > You are receiving this because you commented.> Reply to this email directly or view it on GitHub:> #3403 (comment)

[phretor]

Yes @polybassa - I had branched rtps from the most current master. I double checked right now and fetched && rebased, but they seem aligned:

 ❯ git rebase master
Current branch rtps is up to date.

[polybassa]

Thanks. I'll inspect those failures. -- Viele Grüße Nils Weiß

…

On October 17, 2021 11:22:10 AM GMT+02:00, Federico Maggi ***@***.***> wrote: Yes @polybassa - I had branched `scapy` from the most current `master`. I double checked right now and fetched && rebased, but they seem aligned:> > ```> ❯ git rebase master [11:21:44]> Current branch rtps is up to date.> ```> > -- > You are receiving this because you were mentioned.> Reply to this email directly or view it on GitHub:> #3403 (comment)

[phretor]

Thanks. I'll inspect those failures.

Anything we can help with @polybassa?

[polybassa]

Well.. I think in the end I have to do a bigger refactoring of ISOTPSoftSockets. Something is causing instabilities on the CI systems. Unfortunately these bugs are very sporadic or depend on the performance of the CI-system. So catching them on my local system is almost impossible.

[polybassa]

Feel free to add the ~disabled tag to the isotp_soft_socket.uts file as @gpotter2 did it in #3413

[phretor]

Feel free to add the ~disabled tag to the isotp_soft_socket.uts file as @gpotter2 did it in #3413

Done with f2cde18

[gpotter2]

Generally solid PR, the packet formats look fine. Just a few few minor things.

[codecov]

Codecov Report

Merging #3403 (6a985e1) into master (e28aa57) will decrease coverage by 0.00%.
The diff coverage is n/a.

❗ Current head 6a985e1 differs from pull request most recent head 0f81b2c. Consider uploading reports for the commit 0f81b2c to get more accurate results

@@            Coverage Diff             @@
##           master    #3403      +/-   ##
==========================================
- Coverage   85.28%   85.27%   -0.01%     
==========================================
  Files         277      277              
  Lines       57192    57192              
==========================================
- Hits        48774    48772       -2     
- Misses       8418     8420       +2     

Impacted Files	Coverage Δ
scapy/arch/windows/__init__.py	67.73% <0.00%> (-0.57%)	⬇️
scapy/layers/inet6.py	88.36% <0.00%> (+0.05%)	⬆️

[phretor]

Done. Pinging @polybassa and @gpotter2 for checks.

[phretor]

@polybassa @gpotter2 not sure what the failures are about. I tried to reproduce locally and the docs job fails as well, with a very generic error and no details:

ERROR: InvocationError for command /src/scapy/.tox/docs/bin/sphinx-build -W --keep-going -b html . _build/html (exited with code 1)

[gpotter2]

The docs logs aren't the easiest to read 🙂 If you go through them carefully you'll notice the following:

reading sources... [ 51%] api/scapy.contrib.rtps
/home/runner/work/scapy/scapy/scapy/base_classes.py:324: SyntaxWarning: Packet 'EndpointFlagsPacket' has a duplicated 'reserved' field ! If you are using several ConditionalFields, have a look at MultipleTypeField instead ! This will become a SyntaxError in a future version of Scapy !
  warnings.warn(war_msg, SyntaxWarning)
/home/runner/work/scapy/scapy/scapy/fields.py:444: SyntaxWarning: All fields should have the same name in a MultipleTypeField

[phretor]

Oh my, I had ignored those warnings - ac62f5b should do the job @gpotter2

[phretor]

OK, I think 71a5f3e did the job. Still, Codecov is not passing. Any idea why @polybassa @gpotter2 ?

[polybassa]

I think you can ignore codecov. Since you disabled the isotp tests, it decreased the coverage. -- Viele Grüße Nils Weiß

On October 21, 2021 9:17:16 AM GMT+02:00, Federico Maggi ***@***.***> wrote: OK, I think 71a5f3e did the job. Still, Codecov is not passing. Any idea why @polybassa

***@***.*** ?

…

-- You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub: #3403 (comment)

[phretor]

I think everything has been sorted out with this PR. Any plans on when this could be merged? We have an upcoming talk at Black Hat next month and would be great to say "and Scapy can now successfully dissect/forge RTPS frames" 🤓

[vmayoral]

Ping in here, any chance we could have this merged maintainers?

[gpotter2]

I need to re-review this and I'll merge it in the following couple of days. Sorry about the delay

[guedou]

Be assured that this PR will be merged before BHEU =)

[vmayoral]

Awesome, thanks a lot @guedou and @gpotter2 for the quick reaction!

[gpotter2]

Some last minor comments, other than that LGTM.

[gpotter2]

Also please rebase against master

[phretor]

Also please rebase against master

See the most recent commits. I rebased rtps against master. If you can get this merged quickly, I know @vmayoral has some improvements ready for a PR ;-)

[vmayoral]

See the most recent commits. I rebased rtps against master. If you can get this merged quickly, I know @vmayoral has some improvements ready for a PR ;-)

+1, it'd be awesome to get this in ASAP folks.

Count on us for maintaining this down the road (i.e. working on some extensions at https://github.com/vmayoral/scapy/tree/rtps). We'll push those once this first contribution is finalized.

[phretor]

Sorry folks. One rebase too much. I'm a hurry and I shouldn't work. I'll fix it when I have time. Otherwise, feel free to wipe the entire thing, copy the code from my repo, and start a fresh PR. I don't care too much about credits at this point, as long as this painful journey comes to an end.

[gpotter2]

No worries, thanks for the work !
I'll use my secret maintainer powers to rebase the PR and merge it ASAP :-)

[gpotter2]

Thanks a lot for the great PR and sorry for the time it took. I hope we didn't disgust you from contributing to scapy :/

[phretor]

@gpotter2 code quality is of paramount importance. I was caught in the worst moment of my day, and I'm really glad I found in you Scapy devs and @vmayoral the supported that I needed. Right when I needed. Thanks!