Big Sessions cleanup

gpotter2 · gpotter2 · commit 9eaff5a50dff · 2023-08-19T18:40:44.000+02:00
diff --git a/doc/scapy/layers/automotive.rst b/doc/scapy/layers/automotive.rst
@@ -1158,7 +1158,7 @@ then casted to ``UDS`` objects through the ``basecls`` parameter
 Usage example::
 
     with PcapReader("test/contrib/automotive/ecu_trace.pcap") as sock:
-        udsmsgs = sniff(session=ISOTPSession, session_kwargs={"use_ext_addr":False, "basecls":UDS}, count=50, opened_socket=sock)
+        udsmsgs = sniff(session=ISOTPSession(use_ext_addr=False, basecls=UDS), count=50, opened_socket=sock)
 
 
     ecu = Ecu()
@@ -1183,7 +1183,7 @@ Usage example::
     session = EcuSession()
 
     with PcapReader("test/contrib/automotive/ecu_trace.pcap") as sock:
-        udsmsgs = sniff(session=ISOTPSession, session_kwargs={"supersession": session, "use_ext_addr":False, "basecls":UDS}, count=50, opened_socket=sock)
+        udsmsgs = sniff(session=ISOTPSession(use_ext_addr=False, basecls=UDS, supersession=session)), count=50, opened_socket=sock)
 
     ecu = session.ecu
     print(ecu.log)
diff --git a/doc/scapy/usage.rst b/doc/scapy/usage.rst
@@ -783,7 +783,7 @@ Those sessions can be used using the ``session=`` parameter of ``sniff()``. Exam
 
 .. note::
    To implement your own Session class, in order to support another flow-based protocol, start by copying a sample from `scapy/sessions.py <https://github.com/secdev/scapy/blob/master/scapy/sessions.py>`_
-   Your custom ``Session`` class only needs to extend the :py:class:`~scapy.sessions.DefaultSession` class, and implement a ``on_packet_received`` function, such as in the example.
+   Your custom ``Session`` class only needs to extend the :py:class:`~scapy.sessions.DefaultSession` class, and implement a ``process`` or a ``recv`` function, such as in the examples.
 
 
 How to use TCPSession to defragment TCP packets
diff --git a/scapy/base_classes.py b/scapy/base_classes.py
@@ -326,6 +326,28 @@ def __new__(cls: Type[_T],
 
             dct["fields_desc"] = final_fld
 
+        # Add default dispatch_hook if a minlength_hook is present
+        if "minlength_hook" in dct:
+            minlength_hook = dct.pop("minlength_hook")
+            _dispatch_hook = dct.pop(
+                "dispatch_hook",
+                lambda *_, **__: cls
+            )
+            from scapy.config import conf
+
+            def dispatch_hook(
+                _pkt: Optional[bytes] = None,
+                *args: Any,
+                **kwargs: Any
+            ) -> Type['Packet']:
+                if _pkt and len(_pkt) < minlength_hook(_pkt):
+                    return conf.padding_layer
+                return cast(
+                    Type['Packet'],
+                    _dispatch_hook(_pkt, *args, **kwargs),
+                )
+            dct["dispatch_hook"] = dispatch_hook
+
         dct.setdefault("__slots__", [])
         for attr in ["name", "overload_fields"]:
             try:
diff --git a/scapy/contrib/automotive/ecu.py b/scapy/contrib/automotive/ecu.py
@@ -469,17 +469,16 @@ class EcuSession(DefaultSession):
     """
     def __init__(self, *args, **kwargs):
         # type: (Any, Any) -> None
-        DefaultSession.__init__(self, *args, **kwargs)
         self.ecu = Ecu(logging=kwargs.pop("logging", True),
                        verbose=kwargs.pop("verbose", True),
                        store_supported_responses=kwargs.pop("store_supported_responses", True))  # noqa: E501
+        super(EcuSession, self).__init__(*args, **kwargs)
 
-    def on_packet_received(self, pkt):
-        # type: (Optional[Packet]) -> None
+    def process(self, pkt: Packet) -> Optional[Packet]:
         if not pkt:
-            return
+            return None
         self.ecu.update(pkt)
-        DefaultSession.on_packet_received(self, pkt)
+        return pkt
 
 
 class EcuResponse:
diff --git a/scapy/contrib/isotp/isotp_utils.py b/scapy/contrib/isotp/isotp_utils.py
@@ -14,12 +14,15 @@
 from scapy.utils import EDecimal
 from scapy.packet import Packet
 from scapy.sessions import DefaultSession
+from scapy.supersocket import SuperSocket
 from scapy.contrib.isotp.isotp_packet import ISOTP, N_PCI_CF, N_PCI_SF, \
     N_PCI_FF, N_PCI_FC
 
 # Typing imports
 from typing import (
+    cast,
     Iterable,
+    Iterator,
     Optional,
     Union,
     List,
@@ -336,20 +339,23 @@ class ISOTPSession(DefaultSession):
 
     def __init__(self, *args, **kwargs):
         # type: (Any, Any) -> None
-        super(ISOTPSession, self).__init__(*args, **kwargs)
         self.m = ISOTPMessageBuilder(
             use_ext_address=kwargs.pop("use_ext_address", None),
             rx_id=kwargs.pop("rx_id", None),
             basecls=kwargs.pop("basecls", ISOTP))
+        super(ISOTPSession, self).__init__(*args, **kwargs)
 
-    def on_packet_received(self, pkt):
-        # type: (Optional[Packet]) -> None
+    def recv(self, sock: SuperSocket) -> Iterator[Packet]:
+        """
+        Will be called by sniff() to ask for a packet
+        """
+        pkt = sock.recv()
         if not pkt:
             return
         self.m.feed(pkt)
         while len(self.m) > 0:
-            rcvd = self.m.pop()
-            if self._supersession:
-                self._supersession.on_packet_received(rcvd)
-            else:
-                super(ISOTPSession, self).on_packet_received(rcvd)
+            rcvd = cast(Optional[Packet], self.m.pop())
+            if rcvd:
+                rcvd = self.process(rcvd)
+            if rcvd:
+                yield rcvd
diff --git a/scapy/layers/dcerpc.py b/scapy/layers/dcerpc.py
@@ -91,6 +91,11 @@
     EPacketListField,
 )
 
+# Typing imports
+from typing import (
+    Optional,
+)
+
 
 # DCE/RPC Packet
 DCE_RPC_TYPE = {
@@ -1895,12 +1900,11 @@ def _process_dcerpc_packet(self, pkt):
             pkt = self._parse_with_opnum(pkt, opnum, opts)
         return pkt
 
-    def on_packet_received(self, pkt):
+    def process(self, pkt: Packet) -> Optional[Packet]:
         if DceRpc5 in pkt:
-            return super(DceRpcSession, self).on_packet_received(
-                self._process_dcerpc_packet(pkt)
-            )
-        return super(DceRpcSession, self).on_packet_received(pkt)
+            return self._process_dcerpc_packet(pkt)
+        else:
+            return pkt
 
 
 # --- TODO cleanup below
diff --git a/scapy/layers/inet.py b/scapy/layers/inet.py
@@ -1897,7 +1897,7 @@ def parse_args(self, ip, port, *args, **kargs):
         self.src = self.l4.src
         self.sack = self.l4[TCP].ack
         self.rel_seq = None
-        self.rcvbuf = TCPSession(prn=self._transmit_packet, store=False)
+        self.rcvbuf = TCPSession()
         bpf = "host %s  and host %s and port %i and port %i" % (self.src,
                                                                 self.dst,
                                                                 self.sport,
@@ -1982,7 +1982,7 @@ def receive_data(self, pkt):
             # Answer with an Ack
             self.send(self.l4)
             # Process data - will be sent to the SuperSocket through this
-            self.rcvbuf.on_packet_received(pkt)
+            self._transmit_packet(self.rcvbuf.process(pkt))
 
     @ATMT.ioevent(ESTABLISHED, name="tcp", as_supersocket="tcplink")
     def outgoing_data_received(self, fd):
diff --git a/scapy/layers/netflow.py b/scapy/layers/netflow.py
@@ -64,11 +64,16 @@
 )
 from scapy.packet import Packet, bind_layers, bind_bottom_up
 from scapy.plist import PacketList
-from scapy.sessions import IPSession, DefaultSession
+from scapy.sessions import IPSession
 
 from scapy.layers.inet import UDP
 from scapy.layers.inet6 import IP6Field
 
+# Typing imports
+from typing import (
+    Optional,
+)
+
 
 class NetflowHeader(Packet):
     name = "Netflow Header"
@@ -1596,25 +1601,21 @@ class NetflowSession(IPSession):
     See help(scapy.layers.netflow) for more infos.
     """
     def __init__(self, *args, **kwargs):
-        IPSession.__init__(self, *args, **kwargs)
         self.definitions = {}
         self.definitions_opts = {}
         self.ignored = set()
+        super(NetflowSession, self).__init__(*args, **kwargs)
 
-    def _process_packet(self, pkt):
+    def process(self, pkt: Packet) -> Optional[Packet]:
+        pkt = super(NetflowSession, self).process(pkt)
+        if not pkt:
+            return
         _netflowv9_defragment_packet(pkt,
                                      self.definitions,
                                      self.definitions_opts,
                                      self.ignored)
         return pkt
 
-    def on_packet_received(self, pkt):
-        # First, defragment IP if necessary
-        pkt = self._ip_process_packet(pkt)
-        # Now handle NetflowV9 defragmentation
-        pkt = self._process_packet(pkt)
-        DefaultSession.on_packet_received(self, pkt)
-
 
 class NetflowOptionsRecordScopeV9(NetflowRecordV9):
     name = "Netflow Options Template Record V9/10 - Scope"
diff --git a/scapy/layers/tls/handshake.py b/scapy/layers/tls/handshake.py
@@ -463,7 +463,7 @@ def tls_session_update(self, msg_str):
                         # RFC 8701: GREASE of TLS will send unknown versions
                         # here. We have to ignore them
                         if ver in _tls_version:
-                            self.tls_session.advertised_tls_version = ver
+                            s.advertised_tls_version = ver
                             break
                 if isinstance(e, TLS_Ext_SignatureAlgorithms):
                     s.advertised_sig_algs = e.sig_algs
diff --git a/scapy/layers/tls/record.py b/scapy/layers/tls/record.py
@@ -328,6 +328,12 @@ def dispatch_hook(cls, _pkt=None, *args, **kargs):
                         return SSLv2
                     # Not SSLv2: continuation
                     return _TLSEncryptedContent
+                if plen >= 5:
+                    # Check minimum length
+                    msglen = struct.unpack('!H', _pkt[3:5])[0] + 5
+                    if plen < msglen:
+                        # This is a fragment
+                        return conf.padding_layer
                 # Check TLS 1.3
                 if s and s.tls_version == 0x0304:
                     _has_cipher = lambda x: (
@@ -567,12 +573,24 @@ def do_dissect_payload(self, s):
         as the TLS session to be used would get lost.
         """
         if s:
+            # Check minimum length
+            if len(s) < 5:
+                p = conf.raw_layer(s, _internal=1, _underlayer=self)
+                self.add_payload(p)
+                return
+            msglen = struct.unpack('!H', s[3:5])[0] + 5
+            if len(s) < msglen:
+                # This is a fragment
+                self.add_payload(conf.padding_layer(s))
+                return
             try:
                 p = TLS(s, _internal=1, _underlayer=self,
                         tls_session=self.tls_session)
             except KeyboardInterrupt:
                 raise
             except Exception:
+                if conf.debug_dissector:
+                    raise
                 p = conf.raw_layer(s, _internal=1, _underlayer=self)
             self.add_payload(p)
 
diff --git a/scapy/layers/tls/record_tls13.py b/scapy/layers/tls/record_tls13.py
@@ -15,7 +15,6 @@
 
 import struct
 
-from scapy.config import conf
 from scapy.error import log_runtime, warning
 from scapy.compat import raw, orb
 from scapy.fields import ByteEnumField, PacketField, XStrField
@@ -172,15 +171,7 @@ def do_dissect_payload(self, s):
         Note that overloading .guess_payload_class() would not be enough,
         as the TLS session to be used would get lost.
         """
-        if s:
-            try:
-                p = TLS(s, _internal=1, _underlayer=self,
-                        tls_session=self.tls_session)
-            except KeyboardInterrupt:
-                raise
-            except Exception:
-                p = conf.raw_layer(s, _internal=1, _underlayer=self)
-            self.add_payload(p)
+        return TLS.do_dissect_payload(self, s)
 
     # Building methods
 
diff --git a/scapy/layers/tls/session.py b/scapy/layers/tls/session.py
@@ -1127,13 +1127,8 @@ def tcp_reassemble(cls, data, metadata, session):
         from scapy.layers.tls.record import TLS
         from scapy.layers.tls.record_tls13 import TLS13
         if cls in (TLS, TLS13):
-            length = 0
-            curdata = data
-            while len(curdata) > 5:
-                clength = struct.unpack("!H", curdata[3:5])[0] + 5
-                curdata = curdata[clength:]
-                length += clength
-            if len(data) == length:
+            length = struct.unpack("!H", data[3:5])[0] + 5
+            if len(data) >= length:
                 # get the underlayer as it is used to populate tls_session
                 underlayer = metadata["original"][TCP].copy()
                 underlayer.remove_payload()
diff --git a/scapy/packet.py b/scapy/packet.py
@@ -88,7 +88,7 @@ class Packet(
         "packetfields",
         "original", "explicit", "raw_packet_cache",
         "raw_packet_cache_fields", "_pkt", "post_transforms",
-        "stop_payload_dissection",
+        "stop_dissection_after",
         # then payload, underlayer and parent
         "payload", "underlayer", "parent",
         "name",
@@ -147,7 +147,7 @@ def __init__(self,
                  _internal=0,  # type: int
                  _underlayer=None,  # type: Optional[Packet]
                  _parent=None,  # type: Optional[Packet]
-                 stop_payload_dissection=None,  # type: Optional[Callable[[Packet, Type[Packet]], bool]]  # noqa: E501
+                 stop_dissection_after=None,  # type: Optional[Type[Packet]]
                  **fields  # type: Any
                  ):
         # type: (...) -> None
@@ -176,9 +176,7 @@ def __init__(self,
         self.direction = None  # type: Optional[int]
         self.sniffed_on = None  # type: Optional[_GlobInterfaceType]
         self.comment = None  # type: Optional[bytes]
-        self.stop_payload_dissection = (
-            stop_payload_dissection or (lambda *args: False)
-        )
+        self.stop_dissection_after = stop_dissection_after
         if _pkt:
             self.dissect(_pkt)
             if not _internal:
@@ -1038,18 +1036,22 @@ def do_dissect_payload(self, s):
         :param str s: the raw layer
         """
         if s:
+            if (
+                self.stop_dissection_after and
+                isinstance(self, self.stop_dissection_after)
+            ):
+                # stop dissection here
+                p = conf.raw_layer(s, _internal=1, _underlayer=self)
+                self.add_payload(p)
+                return
             cls = self.guess_payload_class(s)
             try:
-                if self.stop_payload_dissection(self, cls):
-                    # stop dissection here
-                    p = conf.raw_layer(s, _internal=1, _underlayer=self)
-                else:
-                    p = cls(
-                        s,
-                        stop_payload_dissection=self.stop_payload_dissection,
-                        _internal=1,
-                        _underlayer=self,
-                    )
+                p = cls(
+                    s,
+                    stop_dissection_after=self.stop_dissection_after,
+                    _internal=1,
+                    _underlayer=self,
+                )
             except KeyboardInterrupt:
                 raise
             except Exception:
diff --git a/scapy/sendrecv.py b/scapy/sendrecv.py
diff --git a/scapy/sessions.py b/scapy/sessions.py
diff --git a/test/contrib/automotive/ecu.uts b/test/contrib/automotive/ecu.uts
diff --git a/test/contrib/isotp_soft_socket.uts b/test/contrib/isotp_soft_socket.uts
diff --git a/test/tls.uts b/test/tls.uts
