static gboolean
dissect_credssp_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
asn1_ctx_t asn1_ctx;
int offset = 0;
gint8 class;
gboolean pc;
gint32 tag;
guint32 length;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* Look for SEQUENCE, CONTEXT 0, and INTEGER 2 */
if(tvb_length(tvb) > 7) {
offset = get_ber_identifier(tvb, offset, &class, &pc, &tag);
if((class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_SEQUENCE) && (pc == TRUE)) {
offset = get_ber_length(tvb, offset, NULL, NULL);
offset = get_ber_identifier(tvb, offset, &class, &pc, &tag);
if((class == BER_CLASS_CON) && (tag == 0)) {
offset = get_ber_length(tvb, offset, NULL, NULL);
offset = get_ber_identifier(tvb, offset, &class, &pc, &tag);
if((class == BER_CLASS_UNI) && (tag == BER_UNI_TAG_INTEGER)) {
offset = get_ber_length(tvb, offset, &length, NULL);
if((length == 1) && (tvb_get_guint8(tvb, offset) == 2)) {
dissect_credssp(tvb, pinfo, parent_tree);
return TRUE;
}
}
}
}
}
static gboolean
dissect_mpeg_audio_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
guint32 h;
struct mpa mpa;
int data_size = 0;
asn1_ctx_t asn1_ctx;
int offset = 0;
static const char *version_names[] = { "1", "2", "2.5" };
if (!tvb_bytes_exist(tvb, 0, 4))
return FALSE; /* not enough data for an MPEG audio frame */
h = tvb_get_ntohl(tvb, 0);
MPA_UNMARSHAL(&mpa, h);
if (!MPA_SYNC_VALID(&mpa))
return FALSE;
if (!MPA_VERSION_VALID(&mpa))
return FALSE;
if (!MPA_LAYER_VALID(&mpa))
return FALSE;
col_add_fstr(pinfo->cinfo, COL_PROTOCOL,
"MPEG-%s", version_names[mpa_version(&mpa)]);
col_add_fstr(pinfo->cinfo, COL_INFO,
"Audio Layer %d", mpa_layer(&mpa) + 1);
if (MPA_BITRATE_VALID(&mpa) && MPA_FREQUENCY_VALID(&mpa)) {
data_size = (int)(MPA_DATA_BYTES(&mpa) - sizeof mpa);
if (check_col(pinfo->cinfo, COL_DEF_SRC)) {
SET_ADDRESS(&pinfo->src, AT_NONE, 0, NULL);
col_add_fstr(pinfo->cinfo, COL_DEF_SRC,
"%d kb/s", mpa_bitrate(&mpa) / 1000);
}
if (check_col(pinfo->cinfo, COL_DEF_DST)) {
SET_ADDRESS(&pinfo->dst, AT_NONE, 0, NULL);
col_add_fstr(pinfo->cinfo, COL_DEF_DST,
"%g kHz", mpa_frequency(&mpa) / (float)1000);
}
}
if (tree == NULL)
return TRUE;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_PER, TRUE, pinfo);
offset = dissect_mpeg_audio_Audio(tvb, offset, &asn1_ctx,
tree, proto_mpeg_audio);
if (data_size > 0) {
unsigned int padding;
proto_tree_add_item(tree, hf_mpeg_audio_data, tvb,
offset / 8, data_size, ENC_NA);
offset += data_size * 8;
padding = mpa_padding(&mpa);
if (padding > 0) {
proto_tree_add_item(tree, hf_mpeg_audio_padbytes, tvb,
offset / 8, padding, ENC_NA);
}
}
return TRUE;
}
/*
* Dissect MMS PDUs inside a PPDU.
*/
static void
dissect_mms(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
int old_offset;
proto_item *item=NULL;
proto_tree *tree=NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_mms, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_mms);
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "MMS");
col_clear(pinfo->cinfo, COL_INFO);
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset=offset;
offset=dissect_mms_MMSpdu(FALSE, tvb, offset, &asn1_ctx , tree, -1);
if(offset == old_offset){
proto_tree_add_text(tree, tvb, offset, -1,"Internal error, zero-byte MMS PDU");
break;
}
}
}
/* MS-GPEF section 2.2.1.2.2 EfsKey*/
static int
dissect_gpef_efskey(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item = NULL;
proto_tree *tree = NULL;
int old_offset = offset;
guint32 length1, sid_offset;
guint32 cert_length, cert_offset;
tvbuff_t *next_tvb;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
if (parent_tree) {
item = proto_tree_add_item(parent_tree, hf_gpef_efskey, tvb, -1, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_gpef_efskey);
}
/* length 1 */
length1 = tvb_get_letohl(tvb, offset);
proto_tree_add_item(tree, hf_gpef_efskey_length1, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
/* length 2 */
proto_tree_add_item(tree, hf_gpef_efskey_length2, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
/* sid offset */
sid_offset = tvb_get_letohl(tvb, offset);
proto_tree_add_item(tree, hf_gpef_efskey_sid_offset, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
/* reserved */
offset += 4;
/* cert length */
cert_length = tvb_get_letohl(tvb, offset);
proto_tree_add_item(tree, hf_gpef_efskey_cert_length, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
/* cert offset */
cert_offset = tvb_get_letohl(tvb, offset);
proto_tree_add_item(tree, hf_gpef_efskey_cert_offset, tvb, offset, 4, ENC_LITTLE_ENDIAN);
offset += 4;
/* reserved, must be 0x20 0x00 0x00 0x00 */
offset += 4;
/* sid */
dissect_nt_sid(tvb, old_offset+4+sid_offset, tree, "sid", NULL, -1);
/* certificate */
next_tvb = tvb_new_subset(tvb, old_offset+4+cert_offset, cert_length, cert_length);
(void)dissect_x509af_Certificate(FALSE, next_tvb, 0, &asn1_ctx, tree, hf_gpef_efskey_certificate);
offset = old_offset + length1;
proto_item_set_len(item, offset-old_offset);
return offset;
}
static void
dissect_x509ce_invalidityDate_callback(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
dissect_x509ce_GeneralizedTime(FALSE, tvb, 0, &asn1_ctx, tree, hf_x509ce_id_ce_invalidityDate);
}
static void
dissect_gnm_attribute_ObjectInstance(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
dissect_cmip_ObjectInstance(FALSE, tvb, 0, &asn1_ctx, parent_tree, -1);
}
static void dissect_SafeContents_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
int offset = 0;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
offset = strip_octet_string(tvb);
dissect_pkcs12_SafeContents(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_SafeContents_PDU);
}
static void dissect_AuthenticatedSafe_OCTETSTRING_PDU(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
int offset = 0;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
if((offset = strip_octet_string(tvb)) > 0)
dissect_pkcs12_AuthenticatedSafe(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs12_AuthenticatedSafe_PDU);
else
proto_tree_add_text(tree, tvb, 0, 1, "BER Error: OCTET STRING expected");
}
static void
dissect_id3v1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
asn1_ctx_t asn1_ctx;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ID3v1");
col_clear(pinfo->cinfo, COL_INFO);
if (tree == NULL)
return;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_PER, TRUE, pinfo);
dissect_mpeg_audio_ID3v1(tvb, 0, &asn1_ctx,
tree, hf_id3v1);
}
/* XXX this one should be broken out later and moved into the conformance file */
static int
dissect_cmip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data)
{
struct SESSION_DATA_STRUCTURE* session;
proto_item *item;
proto_tree *tree;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
session = (struct SESSION_DATA_STRUCTURE*)data;
/* do we have spdu type from the session dissector? */
if( !session ){
proto_tree_add_text(parent_tree, tvb, 0, -1,
"Internal error:can't get spdu type from session dissector.");
return 0;
}
if(session->spdu_type == 0 ) {
proto_tree_add_text(parent_tree, tvb, 0, -1,
"Internal error:wrong spdu type %x from session dissector.",session->spdu_type);
return 0;
}
asn1_ctx.private_data = session;
item = proto_tree_add_item(parent_tree, proto_cmip, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_cmip);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "CMIP");
col_clear(pinfo->cinfo, COL_INFO);
switch(session->spdu_type){
case SES_CONNECTION_REQUEST:
case SES_CONNECTION_ACCEPT:
case SES_DISCONNECT:
case SES_FINISH:
case SES_REFUSE:
dissect_cmip_CMIPUserInfo(FALSE,tvb,0,&asn1_ctx,tree,-1);
break;
case SES_ABORT:
dissect_cmip_CMIPAbortInfo(FALSE,tvb,0,&asn1_ctx,tree,-1);
break;
case SES_DATA_TRANSFER:
dissect_cmip_ROS(FALSE,tvb,0,&asn1_ctx,tree,-1);
break;
default:
;
}
return tvb_length(tvb);
}
/*
* Dissect GOOSE PDUs inside a PPDU.
*/
static void
dissect_goose(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
int old_offset;
guint16 data;
proto_item *item = NULL;
proto_tree *tree = NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
if (parent_tree){
item = proto_tree_add_item(parent_tree, proto_goose, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_goose);
}
if (check_col(pinfo->cinfo, COL_PROTOCOL))
col_set_str(pinfo->cinfo, COL_PROTOCOL, PNAME);
col_clear(pinfo->cinfo, COL_INFO);
/* APPID */
if (tree && tvb_reported_length_remaining(tvb, offset) >= 2) {
data = tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(tree, hf_goose_appid, tvb, offset, 2, data);
}
/* Length */
if (tree && tvb_reported_length_remaining(tvb, offset) >= 4) {
data = tvb_get_ntohs(tvb, offset + 2);
proto_tree_add_uint(tree, hf_goose_length, tvb, offset + 2, 2, data);
}
/* Reserved 1 */
if (tree && tvb_reported_length_remaining(tvb, offset) >= 6) {
data = tvb_get_ntohs(tvb, offset + 4);
proto_tree_add_uint(tree, hf_goose_reserve1, tvb, offset + 4, 2, data);
}
/* Reserved 2 */
if (tree && tvb_reported_length_remaining(tvb, offset) >= 8) {
data = tvb_get_ntohs(tvb, offset + 6);
proto_tree_add_uint(tree, hf_goose_reserve2, tvb, offset + 6, 2, data);
}
offset = 8;
while (tree && tvb_reported_length_remaining(tvb, offset) > 0){
old_offset = offset;
offset = dissect_goose_GOOSEpdu(FALSE, tvb, offset, &asn1_ctx , tree, -1);
if (offset == old_offset) {
proto_tree_add_text(tree, tvb, offset, -1, "Internal error, zero-byte GOOSE PDU");
break;
}
}
}
/*
* Dissect X420 PDUs inside a PPDU.
*/
static void
dissect_x420(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
proto_item *item=NULL;
proto_tree *tree=NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_x420, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_x420);
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "P22");
col_set_str(pinfo->cinfo, COL_INFO, "InterPersonal");
dissect_x420_InformationObject(TRUE, tvb, offset, &asn1_ctx , tree, -1);
}
/*
* Dissect STANAG 4406 PDUs inside a PPDU.
*/
static void
dissect_p772(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
proto_item *item=NULL;
proto_tree *tree=NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_p772, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_p772);
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "P772");
col_set_str(pinfo->cinfo, COL_INFO, "Military");
dissect_p772_InformationObject(TRUE, tvb, offset, &asn1_ctx , tree, -1);
}
/*
* Dissect SV PDUs inside a PPDU.
*/
static void
dissect_sv(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
int old_offset;
proto_item *item;
proto_tree *tree;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
item = proto_tree_add_item(parent_tree, proto_sv, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_sv);
col_set_str(pinfo->cinfo, COL_PROTOCOL, PNAME);
col_clear(pinfo->cinfo, COL_INFO);
/* APPID */
proto_tree_add_item(tree, hf_sv_appid, tvb, offset, 2, ENC_BIG_ENDIAN);
/* Length */
proto_tree_add_item(tree, hf_sv_length, tvb, offset + 2, 2, ENC_BIG_ENDIAN);
/* Reserved 1 */
proto_tree_add_item(tree, hf_sv_reserve1, tvb, offset + 4, 2, ENC_BIG_ENDIAN);
/* Reserved 2 */
proto_tree_add_item(tree, hf_sv_reserve2, tvb, offset + 6, 2, ENC_BIG_ENDIAN);
offset = 8;
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset = offset;
offset = dissect_sv_SampledValues(FALSE, tvb, offset, &asn1_ctx , tree, -1);
if (offset == old_offset) {
proto_tree_add_expert(tree, pinfo, &ei_sv_zero_pdu, tvb, offset, -1);
break;
}
}
if(tree)
tap_queue_packet(sv_tap, pinfo, &sv_data);
}
static int
dissect_ocsp_response(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "OCSP");
col_set_str(pinfo->cinfo, COL_INFO, "Response");
if(parent_tree) {
item=proto_tree_add_item(parent_tree, proto_ocsp, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_ocsp);
}
return dissect_ocsp_OCSPResponse(FALSE, tvb, 0, &asn1_ctx, tree, -1);
}
static int
dissect_pkix_crl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "PKIX-CRL");
col_set_str(pinfo->cinfo, COL_INFO, "Certificate Revocation List");
if(parent_tree){
item=proto_tree_add_text(parent_tree, tvb, 0, -1, "Certificate Revocation List");
tree = proto_item_add_subtree(item, ett_pkix_crl);
}
return dissect_x509af_CertificateList(FALSE, tvb, 0, &asn1_ctx, tree, -1);
}
static int
dissect_timestamp_query(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "PKIXTSP");
col_set_str(pinfo->cinfo, COL_INFO, "Query");
if(parent_tree){
item=proto_tree_add_item(parent_tree, proto_pkixtsp, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_pkixtsp);
}
return dissect_pkixtsp_TimeStampReq(FALSE, tvb, 0, &asn1_ctx, tree, -1);
}
/*
* Dissect P1 MTS APDU
*/
void
dissect_p1_mts_apdu (tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* save parent_tree so subdissectors can create new top nodes */
p1_initialize_content_globals (&asn1_ctx, parent_tree, TRUE);
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_p1, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_p1);
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "P1");
col_set_str(pinfo->cinfo, COL_INFO, "Transfer");
dissect_p1_MTS_APDU (FALSE, tvb, 0, &asn1_ctx, tree, hf_p1_MTS_APDU_PDU);
p1_initialize_content_globals (&asn1_ctx, NULL, FALSE);
}
static void
dissect_inap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
int offset = 0;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "INAP");
/* create display subtree for the protocol */
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_inap, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_inap);
}
inap_pdu_type = tvb_get_guint8(tvb, offset)&0x0f;
/* Get the length and add 2 */
inap_pdu_size = tvb_get_guint8(tvb, offset+1)+2;
opcode = 0;
dissect_inap_ROS(TRUE, tvb, offset, &asn1_ctx, tree, -1);
}
static void
dissect_tcap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item=NULL;
proto_tree *tree=NULL;
struct tcaphash_context_t * p_tcap_context;
dissector_handle_t subdissector_handle;
asn1_ctx_t asn1_ctx;
gint8 class;
gboolean pc;
gint tag;
/* Check if ANSI TCAP and call the ANSI TCAP dissector if that's the case
* PackageType ::= CHOICE { unidirectional [PRIVATE 1] IMPLICIT UniTransactionPDU,
* queryWithPerm [PRIVATE 2] IMPLICIT TransactionPDU,
* queryWithoutPerm [PRIVATE 3] IMPLICIT TransactionPDU,
* response [PRIVATE 4] IMPLICIT TransactionPDU,
* conversationWithPerm [PRIVATE 5] IMPLICIT TransactionPDU,
* conversationWithoutPerm [PRIVATE 6] IMPLICIT TransactionPDU,
* abort [PRIVATE 22] IMPLICIT Abort
* }
*
*
*/
get_ber_identifier(tvb, 0, &class, &pc, &tag);
if(class == BER_CLASS_PRI){
switch(tag){
case 1:
case 2:
case 3:
case 4:
case 5:
case 6:
case 22:
call_dissector(ansi_tcap_handle, tvb, pinfo, parent_tree);
return;
break;
default:
return;
}
}
/* ITU TCAP */
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
tcap_top_tree = parent_tree;
tcap_stat_tree = NULL;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "TCAP");
/* create display subtree for the protocol */
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_tcap, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_tcap);
tcap_stat_tree=tree;
}
cur_oid = NULL;
tcapext_oid = NULL;
raz_tcap_private(&tcap_private);
pinfo->private_data = &tcap_private;
gp_tcapsrt_info=tcapsrt_razinfo();
tcap_subdissector_used=FALSE;
gp_tcap_context=NULL;
dissect_tcap_TCMessage(FALSE, tvb, 0, &asn1_ctx, tree, -1);
if (gtcap_HandleSRT && !tcap_subdissector_used ) {
p_tcap_context=tcapsrt_call_matching(tvb, pinfo, tcap_stat_tree, gp_tcapsrt_info);
tcap_private.context=p_tcap_context;
/* If the current message is TCAP only,
* save the Application Context Name for the next messages
*/
if ( p_tcap_context && cur_oid && !p_tcap_context->oid_present ) {
/* Save the application context and the sub dissector */
g_strlcpy(p_tcap_context->oid, cur_oid, sizeof(p_tcap_context->oid));
p_tcap_context->oid_present=TRUE;
if ( (subdissector_handle = dissector_get_string_handle(ber_oid_dissector_table, cur_oid)) ) {
p_tcap_context->subdissector_handle=subdissector_handle;
p_tcap_context->subdissector_present=TRUE;
}
}
if (gtcap_HandleSRT && p_tcap_context && p_tcap_context->callback) {
/* Callback fonction for the upper layer */
(p_tcap_context->callback)(tvb, pinfo, tcap_stat_tree, p_tcap_context);
}
}
}
static int
dissect_gssapi_work(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
gboolean is_verifier)
{
proto_item *volatile item;
proto_tree *volatile subtree;
volatile int return_offset = 0;
gssapi_conv_info_t *volatile gss_info;
gssapi_oid_value *oidvalue;
dissector_handle_t handle;
conversation_t *conversation;
tvbuff_t *oid_tvb;
int len, start_offset, oid_start_offset;
volatile int offset;
gint8 appclass;
gboolean pc, ind_field;
gint32 tag;
guint32 len1;
const char *oid;
fragment_data *fd_head=NULL;
gssapi_frag_info_t *fi;
tvbuff_t *volatile gss_tvb=NULL;
asn1_ctx_t asn1_ctx;
void *pd_save;
start_offset=0;
offset=0;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/*
* We don't know whether the data is encrypted, so say it's
* not, for now. The subdissector must set gssapi_data_encrypted
* if it is.
*/
pinfo->gssapi_data_encrypted = FALSE;
/*
* We need a conversation for later
*/
conversation = find_or_create_conversation(pinfo);
gss_info = (gssapi_conv_info_t *)conversation_get_proto_data(conversation, proto_gssapi);
if (!gss_info) {
gss_info = se_new(gssapi_conv_info_t);
gss_info->oid=NULL;
gss_info->do_reassembly=FALSE;
gss_info->frags=se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "gssapi_frags");
conversation_add_proto_data(conversation, proto_gssapi, gss_info);
}
item = proto_tree_add_item(
tree, proto_gssapi, tvb, offset, -1, ENC_NA);
subtree = proto_item_add_subtree(item, ett_gssapi);
/*
* Catch the ReportedBoundsError exception; the stuff we've been
* handed doesn't necessarily run to the end of the packet, it's
* an item inside a packet, so if it happens to be malformed (or
* we, or a dissector we call, has a bug), so that an exception
* is thrown, we want to report the error, but return and let
* our caller dissect the rest of the packet.
*
* If it gets a BoundsError, we can stop, as there's nothing more
* in the packet after our blob to see, so we just re-throw the
* exception.
*/
pd_save = pinfo->private_data;
TRY {
gss_tvb=tvb;
/* First of all, if it's the first time we see this packet
* then check whether we are in the middle of reassembly or not
*/
if( (!pinfo->fd->flags.visited)
&& (gss_info->do_reassembly)
&& (gssapi_reassembly) ){
fi=(gssapi_frag_info_t *)se_tree_lookup32(gss_info->frags, gss_info->first_frame);
if(!fi){
goto done;
}
se_tree_insert32(gss_info->frags, pinfo->fd->num, fi);
fd_head=fragment_add(&gssapi_reassembly_table,
tvb, 0, pinfo, fi->first_frame, NULL,
gss_info->frag_offset,
tvb_length(tvb), TRUE);
gss_info->frag_offset+=tvb_length(tvb);
/* we need more fragments */
if(!fd_head){
goto done;
}
/* this blob is now fully reassembled */
gss_info->do_reassembly=FALSE;
fi->reassembled_in=pinfo->fd->num;
gss_tvb=tvb_new_child_real_data(tvb, fd_head->data, fd_head->datalen, fd_head->datalen);
add_new_data_source(pinfo, gss_tvb, "Reassembled GSSAPI");
}
/* We have seen this packet before.
* Is this blob part of reassembly or a normal blob ?
*/
if( (pinfo->fd->flags.visited)
&& (gssapi_reassembly) ){
fi=(gssapi_frag_info_t *)se_tree_lookup32(gss_info->frags, pinfo->fd->num);
if(fi){
fd_head=fragment_get(&gssapi_reassembly_table,
pinfo, fi->first_frame, NULL);
if(fd_head && (fd_head->flags&FD_DEFRAGMENTED)){
if(pinfo->fd->num==fi->reassembled_in){
proto_item *frag_tree_item;
gss_tvb=tvb_new_child_real_data(tvb, fd_head->data, fd_head->datalen, fd_head->datalen);
add_new_data_source(pinfo, gss_tvb, "Reassembled GSSAPI");
show_fragment_tree(fd_head, &gssapi_frag_items, tree, pinfo, tvb, &frag_tree_item);
} else {
proto_item *it;
it=proto_tree_add_uint(tree, hf_gssapi_reassembled_in, tvb, 0, 0, fi->reassembled_in);
PROTO_ITEM_SET_GENERATED(it);
goto done;
}
}
}
}
/* Read header */
offset = get_ber_identifier(gss_tvb, offset, &appclass, &pc, &tag);
offset = get_ber_length(gss_tvb, offset, &len1, &ind_field);
if (!(appclass == BER_CLASS_APP && pc && tag == 0)) {
/* It could be NTLMSSP, with no OID. This can happen
for anything that microsoft calls 'Negotiate' or GSS-SPNEGO */
if ((tvb_length_remaining(gss_tvb, start_offset)>7) && (tvb_strneql(gss_tvb, start_offset, "NTLMSSP", 7) == 0)) {
return_offset = call_dissector(ntlmssp_handle,
tvb_new_subset_remaining(gss_tvb, start_offset),
pinfo, subtree);
goto done;
}
/* Maybe it's new NTLMSSP payload */
if ((tvb_length_remaining(gss_tvb, start_offset)>16) &&
((tvb_memeql(gss_tvb, start_offset, "\x01\x00\x00\x00", 4) == 0))) {
return_offset = call_dissector(ntlmssp_payload_handle,
tvb_new_subset_remaining(gss_tvb, start_offset),
pinfo, subtree);
pinfo->gssapi_data_encrypted = TRUE;
goto done;
}
if ((tvb_length_remaining(gss_tvb, start_offset)==16) &&
((tvb_memeql(gss_tvb, start_offset, "\x01\x00\x00\x00", 4) == 0))) {
if( is_verifier ) {
return_offset = call_dissector(ntlmssp_verf_handle,
tvb_new_subset_remaining(gss_tvb, start_offset),
pinfo, subtree);
}
else if( pinfo->gssapi_encrypted_tvb ) {
return_offset = call_dissector(ntlmssp_data_only_handle,
tvb_new_subset_remaining(pinfo->gssapi_encrypted_tvb, 0),
pinfo, subtree);
pinfo->gssapi_data_encrypted = TRUE;
}
goto done;
}
/* Maybe it's new GSSKRB5 CFX Wrapping */
if ((tvb_length_remaining(gss_tvb, start_offset)>2) &&
((tvb_memeql(gss_tvb, start_offset, "\04\x04", 2) == 0) ||
(tvb_memeql(gss_tvb, start_offset, "\05\x04", 2) == 0))) {
return_offset = call_dissector(spnego_krb5_wrap_handle,
tvb_new_subset_remaining(gss_tvb, start_offset),
pinfo, subtree);
goto done;
}
/*
* If we do not recognise an Application class,
* then we are probably dealing with an inner context
* token or a wrap token, and we should retrieve the
* gssapi_oid_value pointer from the per-frame data or,
* if there is no per-frame data (as would be the case
* the first time we dissect this frame), from the
* conversation that exists or that we created from
* pinfo (and then make it per-frame data).
* We need to make it per-frame data as there can be
* more than one GSS-API negotiation in a conversation.
*
* Note! We "cheat". Since we only need the pointer,
* we store that as the data. (That's not really
* "cheating" - the per-frame data and per-conversation
* data code doesn't care what you supply as a data
* pointer; it just treats it as an opaque pointer, it
* doesn't dereference it or free what it points to.)
*/
oidvalue = (gssapi_oid_value *)p_get_proto_data(pinfo->fd, proto_gssapi, 0);
if (!oidvalue && !pinfo->fd->flags.visited)
{
/* No handle attached to this frame, but it's the first */
/* pass, so it'd be attached to the conversation. */
oidvalue = gss_info->oid;
if (gss_info->oid)
p_add_proto_data(pinfo->fd, proto_gssapi, 0, gss_info->oid);
}
if (!oidvalue)
{
proto_tree_add_text(subtree, gss_tvb, start_offset, 0,
"Unknown header (class=%d, pc=%d, tag=%d)",
appclass, pc, tag);
return_offset = tvb_length(gss_tvb);
goto done;
} else {
tvbuff_t *oid_tvb_local;
oid_tvb_local = tvb_new_subset_remaining(gss_tvb, start_offset);
if (is_verifier)
handle = oidvalue->wrap_handle;
else
handle = oidvalue->handle;
len = call_dissector(handle, oid_tvb_local, pinfo, subtree);
if (len == 0)
return_offset = tvb_length(gss_tvb);
else
return_offset = start_offset + len;
goto done; /* We are finished here */
}
}
/* Read oid */
oid_start_offset=offset;
offset=dissect_ber_object_identifier_str(FALSE, &asn1_ctx, subtree, gss_tvb, offset, hf_gssapi_oid, &oid);
oidvalue = gssapi_lookup_oid_str(oid);
/* Check if we need reassembly of this blob.
* Only try reassembly for OIDs we recognize
* and when we have the entire tvb
*
* SMB will sometimes split one large GSSAPI blob
* across multiple SMB/SessionSetup commands.
* While we should look at the uid returned in the response
* to the first SessionSetup and use that as a key
* instead for simplicity we assume there will not be several
* such authentication at once on a single tcp session
*/
if( (!pinfo->fd->flags.visited)
&& (oidvalue)
&& (tvb_length(gss_tvb)==tvb_reported_length(gss_tvb))
&& (len1>(guint32)tvb_length_remaining(gss_tvb, oid_start_offset))
&& (gssapi_reassembly) ){
fi=se_new(gssapi_frag_info_t);
fi->first_frame=pinfo->fd->num;
fi->reassembled_in=0;
se_tree_insert32(gss_info->frags, pinfo->fd->num, fi);
fragment_add(&gssapi_reassembly_table,
gss_tvb, 0, pinfo, pinfo->fd->num, NULL,
0, tvb_length(gss_tvb), TRUE);
fragment_set_tot_len(&gssapi_reassembly_table,
pinfo, pinfo->fd->num, NULL, len1+oid_start_offset);
gss_info->do_reassembly=TRUE;
gss_info->first_frame=pinfo->fd->num;
gss_info->frag_offset=tvb_length(gss_tvb);
goto done;
}
/*
* Hand off to subdissector.
*/
if ((oidvalue == NULL) ||
!proto_is_protocol_enabled(oidvalue->proto)) {
/* No dissector for this oid */
proto_tree_add_text(subtree, gss_tvb, oid_start_offset, -1,
"Token object");
return_offset = tvb_length(gss_tvb);
goto done;
}
/* Save a pointer to the data for the OID for the
* GSSAPI protocol for this conversation.
*/
/*
* Now add the proto data ...
* but only if it is not already there.
*/
if(!gss_info->oid){
gss_info->oid=oidvalue;
}
if (is_verifier) {
handle = oidvalue->wrap_handle;
if (handle != NULL) {
oid_tvb = tvb_new_subset_remaining(gss_tvb, offset);
len = call_dissector(handle, oid_tvb, pinfo,
subtree);
if (len == 0)
return_offset = tvb_length(gss_tvb);
else
return_offset = offset + len;
} else {
proto_tree_add_text(subtree, gss_tvb, offset, -1,
"Authentication verifier");
return_offset = tvb_length(gss_tvb);
}
} else {
handle = oidvalue->handle;
if (handle != NULL) {
oid_tvb = tvb_new_subset_remaining(gss_tvb, offset);
len = call_dissector(handle, oid_tvb, pinfo,
subtree);
if (len == 0)
return_offset = tvb_length(gss_tvb);
else
return_offset = offset + len;
} else {
proto_tree_add_text(subtree, gss_tvb, offset, -1,
"Authentication credentials");
return_offset = tvb_length(gss_tvb);
}
}
done:
;
} CATCH_NONFATAL_ERRORS {
/*
* Somebody threw an exception that means that there
* was a problem dissecting the payload; that means
* that a dissector was found, so we don't need to
* dissect the payload as data or update the protocol
* or info columns.
*
* Just show the exception and then drive on to show
* the trailer, after noting that a dissector was found
* and restoring the protocol value that was in effect
* before we called the subdissector.
*
* Restore the private_data structure in case one of the
* called dissectors modified it (and, due to the exception,
* was unable to restore it).
*/
pinfo->private_data = pd_save;
show_exception(gss_tvb, pinfo, tree, EXCEPT_CODE, GET_MESSAGE);
} ENDTRY;
proto_item_set_len(item, return_offset);
return return_offset;
}
/*
* Dissect DOP PDUs inside a ROS PDUs
*/
static void
dissect_dop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
int old_offset;
proto_item *item=NULL;
proto_tree *tree=NULL;
int (*dop_dissector)(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) = NULL;
char *dop_op_name;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* do we have operation information from the ROS dissector? */
if( !pinfo->private_data ){
if(parent_tree){
proto_tree_add_text(parent_tree, tvb, offset, -1,
"Internal error: can't get operation information from ROS dissector.");
}
return ;
} else {
session = ( (struct SESSION_DATA_STRUCTURE*)(pinfo->private_data) );
}
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_dop, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_dop);
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "DOP");
col_clear(pinfo->cinfo, COL_INFO);
switch(session->ros_op & ROS_OP_MASK) {
case (ROS_OP_BIND | ROS_OP_ARGUMENT): /* BindInvoke */
dop_dissector = dissect_dop_DSAOperationalManagementBindArgument;
dop_op_name = "DSA-Operational-Bind-Argument";
break;
case (ROS_OP_BIND | ROS_OP_RESULT): /* BindResult */
dop_dissector = dissect_dop_DSAOperationalManagementBindResult;
dop_op_name = "DSA-Operational-Bind-Result";
break;
case (ROS_OP_BIND | ROS_OP_ERROR): /* BindError */
dop_dissector = dissect_dop_DSAOperationalManagementBindError;
dop_op_name = "DSA-Operational-Management-Bind-Error";
break;
case (ROS_OP_INVOKE | ROS_OP_ARGUMENT): /* Invoke Argument */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 100: /* establish */
dop_dissector = dissect_dop_EstablishOperationalBindingArgument;
dop_op_name = "Establish-Operational-Binding-Argument";
break;
case 101: /* terminate */
dop_dissector = dissect_dop_TerminateOperationalBindingArgument;
dop_op_name = "Terminate-Operational-Binding-Argument";
break;
case 102: /* modify */
dop_dissector = dissect_dop_ModifyOperationalBindingArgument;
dop_op_name = "Modify-Operational-Binding-Argument";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP Argument opcode (%d)",
session->ros_op & ROS_OP_OPCODE_MASK);
break;
}
break;
case (ROS_OP_INVOKE | ROS_OP_RESULT): /* Return Result */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 100: /* establish */
dop_dissector = dissect_dop_EstablishOperationalBindingResult;
dop_op_name = "Establish-Operational-Binding-Result";
break;
case 101: /* terminate */
dop_dissector = dissect_dop_TerminateOperationalBindingResult;
dop_op_name = "Terminate-Operational-Binding-Result";
break;
case 102: /* modify */
dop_dissector = dissect_dop_ModifyOperationalBindingResult;
dop_op_name = "Modify-Operational-Binding-Result";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP Result opcode (%d)",
session->ros_op & ROS_OP_OPCODE_MASK);
break;
}
break;
case (ROS_OP_INVOKE | ROS_OP_ERROR): /* Return Error */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 100: /* operational-binding */
dop_dissector = dissect_dop_OpBindingErrorParam;
dop_op_name = "Operational-Binding-Error";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP Error opcode (%d)",
session->ros_op & ROS_OP_OPCODE_MASK);
break;
}
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DOP PDU");
return;
}
if(dop_dissector) {
if (check_col(pinfo->cinfo, COL_INFO))
col_set_str(pinfo->cinfo, COL_INFO, dop_op_name);
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset=offset;
offset=(*dop_dissector)(FALSE, tvb, offset, &asn1_ctx, tree, -1);
if(offset == old_offset){
proto_tree_add_text(tree, tvb, offset, -1,"Internal error, zero-byte DOP PDU");
break;
}
}
}
}
/*
* Dissect ROS PDUs inside a PPDU.
*/
static int
dissect_ros(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data)
{
int offset = 0;
int old_offset;
proto_item *item;
proto_tree *tree;
proto_tree *next_tree=NULL;
conversation_t *conversation;
ros_conv_info_t *ros_info = NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* save parent_tree so subdissectors can create new top nodes */
top_tree=parent_tree;
/* do we have application context from the acse dissector? */
if( !data){
if(parent_tree){
proto_tree_add_text(parent_tree, tvb, offset, -1,
"Internal error:can't get application context from ACSE dissector.");
}
return 0;
}
asn1_ctx.private_data = data;
conversation = find_or_create_conversation(pinfo);
/*
* Do we already have our info
*/
ros_info = (ros_conv_info_t *)conversation_get_proto_data(conversation, proto_ros);
if (ros_info == NULL) {
/* No. Attach that information to the conversation. */
ros_info = (ros_conv_info_t *)g_malloc(sizeof(ros_conv_info_t));
ros_info->matched=g_hash_table_new(ros_info_hash_matched, ros_info_equal_matched);
ros_info->unmatched=g_hash_table_new(ros_info_hash_unmatched, ros_info_equal_unmatched);
conversation_add_proto_data(conversation, proto_ros, ros_info);
ros_info->next = ros_info_items;
ros_info_items = ros_info;
}
item = proto_tree_add_item(parent_tree, proto_ros, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_ros);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "ROS");
col_clear(pinfo->cinfo, COL_INFO);
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset=offset;
offset=dissect_ros_ROS(FALSE, tvb, offset, &asn1_ctx , tree, -1);
if(offset == old_offset){
item = proto_tree_add_text(tree, tvb, offset, -1,"Unknown ROS PDU");
if(item){
expert_add_info(pinfo, item, &ei_ros_unknown_ros_pdu);
next_tree=proto_item_add_subtree(item, ett_ros_unknown);
dissect_unknown_ber(pinfo, tvb, offset, next_tree);
}
break;
}
}
return tvb_length(tvb);
}
/*
* Dissect P1 PDUs inside a PPDU.
*/
static int
dissect_p1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data)
{
int offset = 0;
int old_offset;
proto_item *item;
proto_tree *tree;
struct SESSION_DATA_STRUCTURE* session;
int (*p1_dissector)(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx _U_, proto_tree *tree, int hf_index _U_) = NULL;
const char *p1_op_name;
int hf_p1_index = -1;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* do we have operation information from the ROS dissector? */
if (data == NULL)
return 0;
session = (struct SESSION_DATA_STRUCTURE*)data;
/* save parent_tree so subdissectors can create new top nodes */
p1_initialize_content_globals (&asn1_ctx, parent_tree, TRUE);
asn1_ctx.private_data = session;
item = proto_tree_add_item(parent_tree, proto_p1, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_p1);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "P1");
col_clear(pinfo->cinfo, COL_INFO);
switch(session->ros_op & ROS_OP_MASK) {
case (ROS_OP_BIND | ROS_OP_ARGUMENT): /* BindInvoke */
p1_dissector = dissect_p1_MTABindArgument;
p1_op_name = "Bind-Argument";
hf_p1_index = hf_p1_MTABindArgument_PDU;
break;
case (ROS_OP_BIND | ROS_OP_RESULT): /* BindResult */
p1_dissector = dissect_p1_MTABindResult;
p1_op_name = "Bind-Result";
hf_p1_index = hf_p1_MTABindResult_PDU;
break;
case (ROS_OP_BIND | ROS_OP_ERROR): /* BindError */
p1_dissector = dissect_p1_MTABindError;
p1_op_name = "Bind-Error";
hf_p1_index = hf_p1_MTABindError_PDU;
break;
case (ROS_OP_INVOKE | ROS_OP_ARGUMENT): /* Invoke Argument */
p1_dissector = dissect_p1_MTS_APDU;
p1_op_name = "Transfer";
hf_p1_index = hf_p1_MTS_APDU_PDU;
break;
default:
proto_tree_add_expert(tree, pinfo, &ei_p1_unsupported_pdu, tvb, offset, -1);
return tvb_captured_length(tvb);
}
col_set_str(pinfo->cinfo, COL_INFO, p1_op_name);
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset=offset;
offset=(*p1_dissector)(FALSE, tvb, offset, &asn1_ctx , tree, hf_p1_index);
if(offset == old_offset){
proto_tree_add_expert(tree, pinfo, &ei_p1_zero_pdu, tvb, offset, -1);
break;
}
}
p1_initialize_content_globals (&asn1_ctx, NULL, FALSE);
return tvb_captured_length(tvb);
}
/*
* Dissect RTSE PDUs inside a PPDU.
*/
static void
dissect_rtse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
int old_offset;
proto_item *item=NULL;
proto_tree *tree=NULL;
proto_tree *next_tree=NULL;
tvbuff_t *next_tvb = NULL;
tvbuff_t *data_tvb = NULL;
fragment_data *frag_msg = NULL;
guint32 fragment_length;
guint32 rtse_id = 0;
gboolean data_handled = FALSE;
conversation_t *conversation = NULL;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* save parent_tree so subdissectors can create new top nodes */
top_tree=parent_tree;
/* do we have application context from the acse dissector? */
if( !pinfo->private_data ){
if(parent_tree){
proto_tree_add_text(parent_tree, tvb, offset, -1,
"Internal error:can't get application context from ACSE dissector.");
}
return ;
} else {
session = ( (struct SESSION_DATA_STRUCTURE*)(pinfo->private_data) );
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTSE");
col_clear(pinfo->cinfo, COL_INFO);
if (rtse_reassemble &&
((session->spdu_type == SES_DATA_TRANSFER) ||
(session->spdu_type == SES_MAJOR_SYNC_POINT))) {
/* Use conversation index as fragment id */
conversation = find_conversation (pinfo->fd->num,
&pinfo->src, &pinfo->dst, pinfo->ptype,
pinfo->srcport, pinfo->destport, 0);
if (conversation != NULL) {
rtse_id = conversation->index;
}
session->rtse_reassemble = TRUE;
}
if (rtse_reassemble && session->spdu_type == SES_MAJOR_SYNC_POINT) {
frag_msg = fragment_end_seq_next (pinfo, rtse_id, rtse_segment_table,
rtse_reassembled_table);
next_tvb = process_reassembled_data (tvb, offset, pinfo, "Reassembled RTSE",
frag_msg, &rtse_frag_items, NULL, parent_tree);
}
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_rtse, next_tvb ? next_tvb : tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_rtse);
}
if (rtse_reassemble && session->spdu_type == SES_DATA_TRANSFER) {
/* strip off the OCTET STRING encoding - including any CONSTRUCTED OCTET STRING */
dissect_ber_octet_string(FALSE, &asn1_ctx, tree, tvb, offset, hf_rtse_segment_data, &data_tvb);
if (data_tvb) {
fragment_length = tvb_length_remaining (data_tvb, 0);
proto_item_append_text(asn1_ctx.created_item, " (%u byte%s)", fragment_length,
plurality(fragment_length, "", "s"));
frag_msg = fragment_add_seq_next (data_tvb, 0, pinfo,
rtse_id, rtse_segment_table,
rtse_reassembled_table, fragment_length, TRUE);
if (frag_msg && pinfo->fd->num != frag_msg->reassembled_in) {
/* Add a "Reassembled in" link if not reassembled in this frame */
proto_tree_add_uint (tree, *(rtse_frag_items.hf_reassembled_in),
data_tvb, 0, 0, frag_msg->reassembled_in);
}
pinfo->fragmented = TRUE;
data_handled = TRUE;
} else {
fragment_length = tvb_length_remaining (tvb, offset);
}
if (check_col(pinfo->cinfo, COL_INFO))
col_append_fstr(pinfo->cinfo, COL_INFO, "[RTSE fragment, %u byte%s]",
fragment_length, plurality(fragment_length, "", "s"));
} else if (rtse_reassemble && session->spdu_type == SES_MAJOR_SYNC_POINT) {
if (next_tvb) {
/* ROS won't do this for us */
session->ros_op = (ROS_OP_INVOKE | ROS_OP_ARGUMENT);
offset=dissect_ber_external_type(FALSE, tree, next_tvb, 0, &asn1_ctx, -1, call_rtse_external_type_callback);
} else {
offset = tvb_length (tvb);
}
pinfo->fragmented = FALSE;
data_handled = TRUE;
}
if (!data_handled) {
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset=offset;
offset=dissect_rtse_RTSE_apdus(TRUE, tvb, offset, &asn1_ctx, tree, -1);
if(offset == old_offset){
item = proto_tree_add_text(tree, tvb, offset, -1, "Unknown RTSE PDU");
if(item){
expert_add_info_format (pinfo, item, PI_UNDECODED, PI_WARN, "Unknown RTSE PDU");
next_tree=proto_item_add_subtree(item, ett_rtse_unknown);
dissect_unknown_ber(pinfo, tvb, offset, next_tree);
}
offset = tvb_length(tvb);
break;
}
}
}
top_tree = NULL;
}
/*
* Dissect X518 PDUs inside a ROS PDUs
*/
static int
dissect_dsp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data)
{
int offset = 0;
int old_offset;
proto_item *item;
proto_tree *tree;
struct SESSION_DATA_STRUCTURE* session;
int (*dsp_dissector)(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) = NULL;
const char *dsp_op_name;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* do we have operation information from the ROS dissector? */
if( data == NULL ){
if(parent_tree){
proto_tree_add_text(parent_tree, tvb, offset, -1,
"Internal error: can't get operation information from ROS dissector.");
}
return 0;
}
session = ( (struct SESSION_DATA_STRUCTURE*)data);
item = proto_tree_add_item(parent_tree, proto_dsp, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_dsp);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "DAP");
col_clear(pinfo->cinfo, COL_INFO);
asn1_ctx.private_data = session;
switch(session->ros_op & ROS_OP_MASK) {
case (ROS_OP_BIND | ROS_OP_ARGUMENT): /* BindInvoke */
dsp_dissector = dissect_dsp_DSASystemBindArgument;
dsp_op_name = "System-Bind-Argument";
break;
case (ROS_OP_BIND | ROS_OP_RESULT): /* BindResult */
dsp_dissector = dissect_dsp_DSASystemBindResult;
dsp_op_name = "System-Bind-Result";
break;
case (ROS_OP_BIND | ROS_OP_ERROR): /* BindError */
dsp_dissector = dissect_dsp_DSASystemBindError;
dsp_op_name = "System-Bind-Error";
break;
case (ROS_OP_INVOKE | ROS_OP_ARGUMENT): /* Invoke Argument */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 1: /* read */
dsp_dissector = dissect_dsp_ChainedReadArgument;
dsp_op_name = "Chained-Read-Argument";
break;
case 2: /* compare */
dsp_dissector = dissect_dsp_ChainedCompareArgument;
dsp_op_name = "Chained-Compare-Argument";
break;
case 3: /* abandon */
dsp_dissector = dissect_dsp_ChainedAbandonArgument;
dsp_op_name = "Chained-Abandon-Argument";
break;
case 4: /* list */
dsp_dissector = dissect_dsp_ChainedListArgument;
dsp_op_name = "Chained-List-Argument";
break;
case 5: /* search */
dsp_dissector = dissect_dsp_ChainedSearchArgument;
dsp_op_name = "Chained-Search-Argument";
break;
case 6: /* addEntry */
dsp_dissector = dissect_dsp_ChainedAddEntryArgument;
dsp_op_name = "Chained-Add-Entry-Argument";
break;
case 7: /* removeEntry */
dsp_dissector = dissect_dsp_ChainedRemoveEntryArgument;
dsp_op_name = "Chained-Remove-Entry-Argument";
break;
case 8: /* modifyEntry */
dsp_dissector = dissect_dsp_ChainedModifyEntryArgument;
dsp_op_name = "ChainedModify-Entry-Argument";
break;
case 9: /* modifyDN */
dsp_dissector = dissect_dsp_ChainedModifyDNArgument;
dsp_op_name = "ChainedModify-DN-Argument";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DSP opcode (%d)",
session->ros_op & ROS_OP_OPCODE_MASK);
break;
}
break;
case (ROS_OP_INVOKE | ROS_OP_RESULT): /* Return Result */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 1: /* read */
dsp_dissector = dissect_dsp_ChainedReadResult;
dsp_op_name = "Chained-Read-Result";
break;
case 2: /* compare */
dsp_dissector = dissect_dsp_ChainedCompareResult;
dsp_op_name = "Chained-Compare-Result";
break;
case 3: /* abandon */
dsp_dissector = dissect_dsp_ChainedAbandonResult;
dsp_op_name = "Chained-Abandon-Result";
break;
case 4: /* list */
dsp_dissector = dissect_dsp_ChainedListResult;
dsp_op_name = "Chained-List-Result";
break;
case 5: /* search */
dsp_dissector = dissect_dsp_ChainedSearchResult;
dsp_op_name = "Chained-Search-Result";
break;
case 6: /* addEntry */
dsp_dissector = dissect_dsp_ChainedAddEntryResult;
dsp_op_name = "Chained-Add-Entry-Result";
break;
case 7: /* removeEntry */
dsp_dissector = dissect_dsp_ChainedRemoveEntryResult;
dsp_op_name = "Chained-Remove-Entry-Result";
break;
case 8: /* modifyEntry */
dsp_dissector = dissect_dsp_ChainedModifyEntryResult;
dsp_op_name = "Chained-Modify-Entry-Result";
break;
case 9: /* modifyDN */
dsp_dissector = dissect_dsp_ChainedModifyDNResult;
dsp_op_name = "ChainedModify-DN-Result";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DSP opcode");
break;
}
break;
case (ROS_OP_INVOKE | ROS_OP_ERROR): /* Return Error */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 1: /* attributeError */
dsp_dissector = dissect_dap_AttributeError;
dsp_op_name = "Attribute-Error";
break;
case 2: /* nameError */
dsp_dissector = dissect_dap_NameError;
dsp_op_name = "Name-Error";
break;
case 3: /* serviceError */
dsp_dissector = dissect_dap_ServiceError;
dsp_op_name = "Service-Error";
break;
case 4: /* referral */
dsp_dissector = dissect_dap_Referral;
dsp_op_name = "Referral";
break;
case 5: /* abandoned */
dsp_dissector = dissect_dap_Abandoned;
dsp_op_name = "Abandoned";
break;
case 6: /* securityError */
dsp_dissector = dissect_dap_SecurityError;
dsp_op_name = "Security-Error";
break;
case 7: /* abandonFailed */
dsp_dissector = dissect_dap_AbandonFailedError;
dsp_op_name = "Abandon-Failed-Error";
break;
case 8: /* updateError */
dsp_dissector = dissect_dap_UpdateError;
dsp_op_name = "Update-Error";
break;
case 9: /* DSAReferral */
dsp_dissector = dissect_dsp_DSAReferral;
dsp_op_name = "DSA-Referral";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DSP errcode");
break;
}
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DSP PDU");
return tvb_length(tvb);
}
if(dsp_dissector) {
col_set_str(pinfo->cinfo, COL_INFO, dsp_op_name);
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset=offset;
offset=(*dsp_dissector)(FALSE, tvb, offset, &asn1_ctx, tree, -1);
if(offset == old_offset){
proto_tree_add_text(tree, tvb, offset, -1,"Internal error, zero-byte DSP PDU");
break;
}
}
}
return tvb_length(tvb);
}
static gboolean
dissect_parameter(tvbuff_t *tvb, int offset, proto_tree *tree,
proto_tree *param_tree, packet_info *pinfo, guint8 param_type,
guint16 param_len, guint8 *enclosure_item_flags,
struct SESSION_DATA_STRUCTURE *session)
{
gboolean has_user_information = TRUE;
guint16 flags;
proto_item *tf;
proto_tree *flags_tree;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
switch (param_type)
{
case Called_SS_user_Reference:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_called_ss_user_reference,
tvb, offset, param_len, ENC_NA);
}
break;
case Calling_SS_user_Reference:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_calling_ss_user_reference,
tvb, offset, param_len, ENC_NA);
}
break;
case Common_Reference:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_common_reference,
tvb, offset, param_len, ENC_NA);
}
break;
case Additional_Reference_Information:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_additional_reference_information,
tvb, offset, param_len, ENC_NA);
}
break;
case Token_Item:
if (param_len != 1)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 1",
param_len);
break;
}
if (tree)
{
flags = tvb_get_guint8(tvb, offset);
tf = proto_tree_add_uint(param_tree,
hf_token_item_options_flags, tvb, offset, 1,
flags);
flags_tree = proto_item_add_subtree(tf,
ett_token_item_flags);
proto_tree_add_boolean(flags_tree, hf_release_token,
tvb, offset, 1, flags);
proto_tree_add_boolean(flags_tree,
hf_major_activity_token, tvb, offset, 1, flags);
proto_tree_add_boolean(flags_tree,
hf_synchronize_minor_token, tvb, offset, 1, flags);
proto_tree_add_boolean(flags_tree, hf_data_token, tvb,
offset, 1, flags);
}
break;
case Transport_Disconnect:
if (param_len != 1)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 1",
param_len);
break;
}
if (tree)
{
guint8 flags8;
flags8 = tvb_get_guint8(tvb, offset);
if(flags8 & transport_connection_is_released )
{
proto_tree_add_text(param_tree, tvb, offset, 1,
"transport connection is released");
}
else
{
proto_tree_add_text(param_tree, tvb, offset, 1,
"transport connection is kept");
}
if(flags8 & user_abort )
{
proto_tree_add_text(param_tree, tvb, offset, 1,
"user abort");
session->abort_type = SESSION_USER_ABORT;
}
else
{
session->abort_type = SESSION_PROVIDER_ABORT;
}
if(flags8 & protocol_error )
{
proto_tree_add_text(param_tree, tvb, offset, 1,
"protocol error");
}
if(flags8 & no_reason )
{
proto_tree_add_text(param_tree, tvb, offset, 1,
"no reason");
}
if(flags8 & implementation_restriction )
{
proto_tree_add_text(param_tree, tvb, offset, 1,
"implementation restriction");
}
}
break;
case Protocol_Options:
if (param_len != 1)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 1",
param_len);
break;
}
if (tree)
{
flags = tvb_get_guint8(tvb, offset);
tf = proto_tree_add_uint(param_tree,
hf_connect_protocol_options_flags, tvb, offset, 1,
flags);
flags_tree = proto_item_add_subtree(tf,
ett_connect_protocol_options_flags);
proto_tree_add_boolean(flags_tree,
hf_able_to_receive_extended_concatenated_SPDU,
tvb, offset, 1, flags);
}
break;
case Session_Requirement:
if (param_len != 2)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 2",
param_len);
break;
}
if (tree)
{
flags = tvb_get_ntohs(tvb, offset);
tf = proto_tree_add_uint(param_tree,
hf_session_user_req_flags, tvb, offset, 2,
flags);
flags_tree = proto_item_add_subtree(tf,
ett_ses_req_options_flags);
proto_tree_add_boolean(flags_tree,
hf_session_exception_report, tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_data_separation_function_unit, tvb, offset, 2,
flags);
proto_tree_add_boolean(flags_tree,
hf_symmetric_synchronize_function_unit,
tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_typed_data_function_unit, tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_exception_function_unit, tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_capability_function_unit, tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_negotiated_release_function_unit,
tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_activity_management_function_unit,
tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_resynchronize_function_unit, tvb, offset, 2,
flags);
proto_tree_add_boolean(flags_tree,
hf_major_resynchronize_function_unit,
tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_minor_resynchronize_function_unit,
tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_expedited_data_resynchronize_function_unit,
tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_duplex_function_unit, tvb, offset, 2, flags);
proto_tree_add_boolean(flags_tree,
hf_half_duplex_function_unit,
tvb, offset, 2, flags);
}
break;
case TSDU_Maximum_Size:
if (param_len != 4)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 4",
param_len);
break;
}
if (tree)
{
proto_tree_add_item(param_tree,
hf_proposed_tsdu_maximum_size_i2r,
tvb, offset, 2, ENC_BIG_ENDIAN);
proto_tree_add_item(param_tree,
hf_proposed_tsdu_maximum_size_r2i,
tvb, offset+2, 2, ENC_BIG_ENDIAN);
}
break;
case Version_Number:
if (param_len != 1)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 1",
param_len);
break;
}
if (tree)
{
flags = tvb_get_guint8(tvb, offset);
tf = proto_tree_add_uint(param_tree,
hf_version_number_options_flags, tvb, offset, 1,
flags);
flags_tree = proto_item_add_subtree(tf,
ett_protocol_version_flags);
proto_tree_add_boolean(flags_tree,
hf_protocol_version_2, tvb, offset, 1, flags);
proto_tree_add_boolean(flags_tree,
hf_protocol_version_1, tvb, offset, 1, flags);
}
break;
case Initial_Serial_Number:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_initial_serial_number,
tvb, offset, param_len, ENC_ASCII|ENC_NA);
}
break;
case EnclosureItem:
if (param_len != 1)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 1",
param_len);
break;
}
flags = tvb_get_guint8(tvb, offset);
*enclosure_item_flags = (guint8) flags;
if (tree)
{
tf = proto_tree_add_uint(param_tree,
hf_enclosure_item_options_flags, tvb, offset, 1,
flags);
flags_tree = proto_item_add_subtree(tf,
ett_enclosure_item_flags);
proto_tree_add_boolean(flags_tree, hf_end_of_SSDU,
tvb, offset, 1, flags);
proto_tree_add_boolean(flags_tree, hf_beginning_of_SSDU,
tvb, offset, 1, flags);
}
if (flags & END_SPDU) {
/*
* In Data Transfer and Typed Data SPDUs, (X.225: 8.3.{11,13}.4)
* "The User Information Field shall be present
* if the Enclosure Item is not present, or has
* bit 2 = 0", which presumably means it shall
* *not* be present if the Enclosure item *is*
* present and has bit 2 = 1.
*/
if(!(flags & BEGINNING_SPDU)) {
/* X.225 7.11.2 also states:
* "All DATA TRANSFER SPDUs, except the last DATA TRANSFER SPDU in a sequence greater than one, must have user information"
* So if BEGINNING_SPDU and END_SPDU are set in the enclosure item, then this is presumably a sequence of one and
* consequently there must be user information.
*
* So, there is only no user information if *only* END_SPDU is set.
*/
has_user_information = FALSE;
}
}
break;
case Token_Setting_Item:
if (param_len != 1)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be 1",
param_len);
break;
}
if (tree)
{
proto_tree_add_item(param_tree,
hf_release_token_setting,
tvb, offset, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(param_tree,
hf_major_activity_token_setting,
tvb, offset, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(param_tree,
hf_synchronize_minor_token_setting,
tvb, offset, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(param_tree,
hf_data_token_setting,
tvb, offset, 1, ENC_BIG_ENDIAN);
}
break;
case Activity_Identifier:
if (param_len == 0)
break;
if (tree)
{
/* 8.3.29.2 The parameter fields shall be as specified in Table 37.
* Activity Identifier m 41 6 octets maximum
*/
proto_tree_add_item(param_tree,
hf_activity_identifier,
tvb, offset, param_len, ENC_NA);
}
break;
case Serial_Number:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_serial_number,
tvb, offset, param_len, ENC_ASCII|ENC_NA);
}
break;
case Reason_Code:
/*
0: Rejection by called SS-user; reason not specified.
1: Rejection by called SS-user due to temporary congestion.
2: Rejection by called SS-user. Subsequent octets may be used for user data
up to a length of 512 octets if Protocol Version 1 has been selected, and up
to a length such that the total length (including SI and LI) of the SPDU
does not exceed 65 539 octets if Protocol Version 2 has been selected.
128 + 1: Session Selector unknown.
128 + 2: SS-user not attached to SSAP.
128 + 3: SPM congestion at connect time.
128 + 4: Proposed protocol versions not supported.
128 + 5: Rejection by the SPM; reason not specified.
128 + 6: Rejection by the SPM; implementation restriction stated in the
PICS. */
if (param_len < 1)
{
proto_tree_add_text(param_tree, tvb, offset,
param_len, "Length is %u, should be >= 1",
param_len);
break;
}
if (tree)
{
guint8 reason_code;
reason_code = tvb_get_guint8(tvb, offset);
proto_tree_add_text(param_tree, tvb, offset, 1,
"Reason Code: %s",
val_to_str(reason_code, reason_vals, "Unknown (%u)"));
}
offset++;
param_len--;
if (param_len != 0)
{
call_pres_dissector(tvb, offset, param_len,
pinfo, tree, param_tree, session);
}
break;
case Calling_Session_Selector:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_calling_session_selector,
tvb, offset, param_len, ENC_NA);
}
break;
case Called_Session_Selector:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_called_session_selector,
tvb, offset, param_len, ENC_NA);
}
break;
case Second_Serial_Number:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_second_serial_number,
tvb, offset, param_len, ENC_ASCII|ENC_NA);
}
break;
case Second_Initial_Serial_Number:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_second_initial_serial_number,
tvb, offset, param_len, ENC_ASCII|ENC_NA);
}
break;
case Large_Initial_Serial_Number:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_large_initial_serial_number,
tvb, offset, param_len, ENC_ASCII|ENC_NA);
}
break;
case Large_Second_Initial_Serial_Number:
if (param_len == 0)
break;
if (tree)
{
proto_tree_add_item(param_tree,
hf_large_second_initial_serial_number,
tvb, offset, param_len, ENC_ASCII|ENC_NA);
}
break;
default:
break;
}
return has_user_information;
}
static int dissect_cmp_tcp_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
tvbuff_t *next_tvb;
guint32 pdu_len;
guint8 pdu_type;
nstime_t ts;
proto_item *item=NULL;
proto_item *ti=NULL;
proto_tree *tree=NULL;
proto_tree *tcptrans_tree=NULL;
asn1_ctx_t asn1_ctx;
int offset=0;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
col_set_str(pinfo->cinfo, COL_PROTOCOL, "CMP");
col_set_str(pinfo->cinfo, COL_INFO, "PKIXCMP");
if(parent_tree){
item=proto_tree_add_item(parent_tree, proto_cmp, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_cmp);
}
pdu_len=tvb_get_ntohl(tvb, 0);
pdu_type=tvb_get_guint8(tvb, 4);
if (pdu_type < 10) {
/* RFC2510 TCP transport */
ti = proto_tree_add_item(tree, proto_cmp, tvb, offset, 5, ENC_NA);
tcptrans_tree = proto_item_add_subtree(ti, ett_cmp);
proto_tree_add_item(tree, hf_cmp_tcptrans_len, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(tree, hf_cmp_tcptrans_type, tvb, offset++, 1, ENC_BIG_ENDIAN);
} else {
/* post RFC2510 TCP transport - the former "type" field is now "version" */
ti = proto_tree_add_text(tree, tvb, offset, 7, "TCP transport");
tcptrans_tree = proto_item_add_subtree(ti, ett_cmp);
pdu_type=tvb_get_guint8(tvb, 6);
proto_tree_add_item(tcptrans_tree, hf_cmp_tcptrans_len, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(tcptrans_tree, hf_cmp_tcptrans10_version, tvb, offset++, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(tcptrans_tree, hf_cmp_tcptrans10_flags, tvb, offset++, 1, ENC_BIG_ENDIAN);
proto_tree_add_item(tcptrans_tree, hf_cmp_tcptrans_type, tvb, offset++, 1, ENC_BIG_ENDIAN);
}
col_add_str (pinfo->cinfo, COL_INFO, val_to_str (pdu_type, cmp_pdu_types, "0x%x"));
switch(pdu_type){
case CMP_TYPE_PKIMSG:
next_tvb = tvb_new_subset(tvb, offset, tvb_length_remaining(tvb, offset), pdu_len);
dissect_cmp_pdu(next_tvb, tree, &asn1_ctx);
offset += tvb_length_remaining(tvb, offset);
break;
case CMP_TYPE_POLLREP:
proto_tree_add_item(tcptrans_tree, hf_cmp_tcptrans_poll_ref, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
ts.secs = tvb_get_ntohl(tvb, 4);
ts.nsecs = 0;
proto_tree_add_time(tcptrans_tree, hf_cmp_tcptrans_ttcb, tvb, offset, 4, &ts);
offset += 4;
break;
case CMP_TYPE_POLLREQ:
proto_tree_add_item(tcptrans_tree, hf_cmp_tcptrans_poll_ref, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
break;
case CMP_TYPE_NEGPOLLREP:
break;
case CMP_TYPE_PARTIALMSGREP:
proto_tree_add_item(tcptrans_tree, hf_cmp_tcptrans_next_poll_ref, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
ts.secs = tvb_get_ntohl(tvb, 4);
ts.nsecs = 0;
proto_tree_add_time(tcptrans_tree, hf_cmp_tcptrans_ttcb, tvb, offset, 4, &ts);
offset += 4;
next_tvb = tvb_new_subset(tvb, offset, tvb_length_remaining(tvb, offset), pdu_len);
dissect_cmp_pdu(next_tvb, tree, &asn1_ctx);
offset += tvb_length_remaining(tvb, offset);
break;
case CMP_TYPE_FINALMSGREP:
next_tvb = tvb_new_subset(tvb, offset, tvb_length_remaining(tvb, offset), pdu_len);
dissect_cmp_pdu(next_tvb, tree, &asn1_ctx);
offset += tvb_length_remaining(tvb, offset);
break;
case CMP_TYPE_ERRORMSGREP:
/*XXX to be added*/
break;
}
return offset;
}
static int
dissect_smrse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
proto_item *item = NULL;
proto_tree *tree = NULL;
guint8 reserved, tag;
guint16 length;
int offset=0;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
reserved=tvb_get_guint8(tvb, 0);
length=tvb_get_ntohs(tvb,1);
tag=tvb_get_guint8(tvb, 3);
if( reserved!= 126 )
return 0;
if( (tag<1)||(tag>11) )
return 0;
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_smrse, tvb, 0, -1, FALSE);
tree = proto_item_add_subtree(item, ett_smrse);
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMRSE");
if (check_col(pinfo->cinfo, COL_INFO))
col_set_str(pinfo->cinfo, COL_INFO, val_to_str(tag, tag_vals,"Unknown Tag:0x%02x"));
proto_tree_add_item(tree, hf_smrse_reserved, tvb, 0, 1, FALSE);
proto_tree_add_item(tree, hf_smrse_length, tvb, 1, 2, FALSE);
proto_tree_add_item(tree, hf_smrse_tag, tvb, 3, 1, FALSE);
switch(tag){
case 1:
case 2:
offset=4;
break;
case 3:
offset=dissect_smrse_SMR_Bind(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 4:
offset=dissect_smrse_SMR_Bind_Confirm(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 5:
offset=dissect_smrse_SMR_Bind_Failure(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 6:
offset=dissect_smrse_SMR_Unbind(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 7:
offset=dissect_smrse_RPDataMT(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 8:
offset=dissect_smrse_RPDataMO(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 9:
offset=dissect_smrse_RPAck(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 10:
offset=dissect_smrse_RPError(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
case 11:
offset=dissect_smrse_RPAlertSC(FALSE, tvb, 4, &asn1_ctx, tree, -1);
break;
}
return offset;
}
/*
* Dissect DISP PDUs inside a ROS PDUs
*/
static void
dissect_disp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
{
int offset = 0;
int old_offset;
proto_item *item=NULL;
proto_tree *tree=NULL;
int (*disp_dissector)(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index _U_) = NULL;
const char *disp_op_name;
asn1_ctx_t asn1_ctx;
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
/* do we have operation information from the ROS dissector? */
if( !pinfo->private_data ){
if(parent_tree){
proto_tree_add_text(parent_tree, tvb, offset, -1,
"Internal error: can't get operation information from ROS dissector.");
}
return ;
} else {
session = ( (struct SESSION_DATA_STRUCTURE*)(pinfo->private_data) );
}
if(parent_tree){
item = proto_tree_add_item(parent_tree, proto_disp, tvb, 0, -1, ENC_NA);
tree = proto_item_add_subtree(item, ett_disp);
}
col_set_str(pinfo->cinfo, COL_PROTOCOL, "DISP");
col_clear(pinfo->cinfo, COL_INFO);
switch(session->ros_op & ROS_OP_MASK) {
case (ROS_OP_BIND | ROS_OP_ARGUMENT): /* BindInvoke */
disp_dissector = dissect_disp_DSAShadowBindArgument;
disp_op_name = "Shadow-Bind-Argument";
break;
case (ROS_OP_BIND | ROS_OP_RESULT): /* BindResult */
disp_dissector = dissect_disp_DSAShadowBindResult;
disp_op_name = "Shadow-Bind-Result";
break;
case (ROS_OP_BIND | ROS_OP_ERROR): /* BindError */
disp_dissector = dissect_disp_DSAShadowBindError;
disp_op_name = "Shadow-Bind-Error";
break;
case (ROS_OP_INVOKE | ROS_OP_ARGUMENT): /* Invoke Argument */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 1: /* requestShadowUpdate */
disp_dissector = dissect_disp_RequestShadowUpdateArgument;
disp_op_name = "Request-Shadow-Update-Argument";
break;
case 2: /* updateShadow*/
disp_dissector = dissect_disp_UpdateShadowArgument;
disp_op_name = "Update-Shadow-Argument";
break;
case 3: /* coordinateShadowUpdate */
disp_dissector = dissect_disp_CoordinateShadowUpdateArgument;
disp_op_name = "Coordinate-Shadow-Update-Argument";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DISP opcode (%d)",
session->ros_op & ROS_OP_OPCODE_MASK);
break;
}
break;
case (ROS_OP_INVOKE | ROS_OP_RESULT): /* Return Result */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 1: /* requestShadowUpdate */
disp_dissector = dissect_disp_RequestShadowUpdateResult;
disp_op_name = "Request-Shadow-Result";
break;
case 2: /* updateShadow */
disp_dissector = dissect_disp_UpdateShadowResult;
disp_op_name = "Update-Shadow-Result";
break;
case 3: /* coordinateShadowUpdate */
disp_dissector = dissect_disp_CoordinateShadowUpdateResult;
disp_op_name = "Coordinate-Shadow-Update-Result";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DISP opcode (%d)",
session->ros_op & ROS_OP_OPCODE_MASK);
break;
}
break;
case (ROS_OP_INVOKE | ROS_OP_ERROR): /* Return Error */
switch(session->ros_op & ROS_OP_OPCODE_MASK) {
case 1: /* shadowError */
disp_dissector = dissect_disp_ShadowError;
disp_op_name = "Shadow-Error";
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DISP errcode (%d)",
session->ros_op & ROS_OP_OPCODE_MASK);
break;
}
break;
default:
proto_tree_add_text(tree, tvb, offset, -1,"Unsupported DISP PDU");
return;
}
if(disp_dissector) {
col_set_str(pinfo->cinfo, COL_INFO, disp_op_name);
while (tvb_reported_length_remaining(tvb, offset) > 0){
old_offset=offset;
offset=(*disp_dissector)(FALSE, tvb, offset, &asn1_ctx, tree, -1);
if(offset == old_offset){
proto_tree_add_text(tree, tvb, offset, -1,"Internal error, zero-byte DISP PDU");
break;
}
}
}
}
