public void validate(Association ass)
{
// step 1 - deduce the validation rules:
// validation depends on the types of chunk in the list.
if ((_chunks != null) && (_chunks.Count > 0))
{
int init = findChunk(ChunkType.INIT);
if (init >= 0)
{
if (init != 0)
{
throw new InvalidSCTPPacketException("Init must be only chunk in a packet");
}
if (_verTag != 0)
{
throw new InvalidSCTPPacketException("VerTag on an init packet expected to be Zeros");
}
}
else
{
int abo = findChunk(ChunkType.ABORT);
if (abo >= 0)
{
// we have an abort
_chunks = _chunks.GetRange(0, abo + 1); // remove any subsequent chunks.
reflectedVerify(abo, ass);
}
else
{
int sdc = findChunk(ChunkType.SHUTDOWN_COMPLETE);
if (sdc >= 0)
{
if (sdc == 0)
{
reflectedVerify(sdc, ass);
}
else
{
throw new InvalidSCTPPacketException(
"SHUTDOWN_COMPLETE must be only chunk in a packet");
}
}
else
{
// somewhat hidden here - but this is the normal case - not init abort or shutdown complete
if (_verTag != ass.getMyVerTag())
{
throw new InvalidSCTPPacketException("VerTag on plain packet expected to match ours " +
_verTag + " != " + ass.getMyVerTag());
}
}
}
}
}
}
/*
* 8.5. Verification Tag
*
* The Verification Tag rules defined in this section apply when sending
* or receiving SCTP packets that do not contain an INIT, SHUTDOWN
* COMPLETE, COOKIE ECHO (see Section 5.1), ABORT, or SHUTDOWN ACK
* chunk. The rules for sending and receiving SCTP packets containing
* one of these chunk types are discussed separately in Section 8.5.1.
*
* When sending an SCTP packet, the endpoint MUST fill in the
* Verification Tag field of the outbound packet with the tag value in
* the Initiate Tag parameter of the INIT or INIT ACK received from its
* peer.
*
* When receiving an SCTP packet, the endpoint MUST ensure that the
* value in the Verification Tag field of the received SCTP packet
* matches its own tag. If the received Verification Tag value does not
* match the receiver's own tag value, the receiver shall silently
* discard the packet and shall not process it any further except for
* those cases listed in Section 8.5.1 below.
*
* 8.5.1. Exceptions in Verification Tag Rules
*
* A) Rules for packet carrying INIT:
*
* - The sender MUST set the Verification Tag of the packet to 0.
*
* - When an endpoint receives an SCTP packet with the Verification
* Tag set to 0, it should verify that the packet contains only an
* INIT chunk. Otherwise, the receiver MUST silently discard the
* packet.
*
* B) Rules for packet carrying ABORT:
*
* - The endpoint MUST always fill in the Verification Tag field of
* the outbound packet with the destination endpoint's tag value, if
* it is known.
*
* - If the ABORT is sent in response to an OOTB packet, the endpoint
* MUST follow the procedure described in Section 8.4.
*
*
*
* Stewart Standards Track [Page 105]
*
* RFC 4960 Stream Control Transmission Protocol September 2007
*
*
* - The receiver of an ABORT MUST accept the packet if the
* Verification Tag field of the packet matches its own tag and the
* T bit is not set OR if it is set to its peer's tag and the T bit
* is set in the Chunk Flags. Otherwise, the receiver MUST silently
* discard the packet and take no further action.
*
* C) Rules for packet carrying SHUTDOWN COMPLETE:
*
* - When sending a SHUTDOWN COMPLETE, if the receiver of the SHUTDOWN
* ACK has a TCB, then the destination endpoint's tag MUST be used,
* and the T bit MUST NOT be set. Only where no TCB exists should
* the sender use the Verification Tag from the SHUTDOWN ACK, and
* MUST set the T bit.
*
* - The receiver of a SHUTDOWN COMPLETE shall accept the packet if
* the Verification Tag field of the packet matches its own tag and
* the T bit is not set OR if it is set to its peer's tag and the T
* bit is set in the Chunk Flags. Otherwise, the receiver MUST
* silently discard the packet and take no further action. An
* endpoint MUST ignore the SHUTDOWN COMPLETE if it is not in the
* SHUTDOWN-ACK-SENT state.
*
* D) Rules for packet carrying a COOKIE ECHO
*
* - When sending a COOKIE ECHO, the endpoint MUST use the value of
* the Initiate Tag received in the INIT ACK.
*
* - The receiver of a COOKIE ECHO follows the procedures in Section
* 5.
*
* E) Rules for packet carrying a SHUTDOWN ACK
*
* - If the receiver is in COOKIE-ECHOED or COOKIE-WAIT state the
* procedures in Section 8.4 SHOULD be followed; in other words, it
* should be treated as an Out Of The Blue packet.
*
*/
private void reflectedVerify(int cno, Association ass)
{
Chunk chunk = _chunks[cno];
bool t = ((Chunk.TBIT & chunk._flags) > 0);
int cverTag = t ? ass.getPeerVerTag() : ass.getMyVerTag();
if (cverTag != _verTag)
{
throw new InvalidSCTPPacketException($"VerTag on an {(ChunkType)chunk._type} doesn't match " + (t ? "their " : "our ") + " vertag " + _verTag + " != " + cverTag);
}
}
