guint
ccnxtlvName_Dissect(tvbuff_t *tvb, guint headerfield, proto_tree *tree, guint offset, guint16 tlv_type, guint16 tlv_length)
{
if (tree) {
char * lci = ccnxtlvName_TlvToLci(tvb, offset, tlv_length);
// proto_tree_add_string_format_value(tree, ccnxtlv_GetNameHeaderField(), tvb, offset, tlv_length,
// "", "Type 0x%04x Length %u Value %s",
// tlv_type, tlv_length, lci);
proto_tree_add_string_format_value(tree, headerfield, tvb, offset, tlv_length,
"", "%s", lci);
g_free(lci);
}
return tlv_length;
}
/* ---------------------------------------------- */
static void
dissect_fix_packet(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
/* Set up structures needed to add the protocol subtree and manage it */
proto_item *ti;
proto_tree *fix_tree;
int pdu_len;
int offset = 0;
int field_offset, ctrla_offset;
int tag_value;
char *value;
char *tag_str;
fix_parameter *tag;
/* Make entries in Protocol column and Info column on summary display */
col_set_str(pinfo->cinfo, COL_PROTOCOL, "FIX");
col_clear(pinfo->cinfo, COL_INFO);
/* get at least the fix version: 8=FIX.x.x */
if (fix_marker(tvb, 0) != 0) {
/* not a fix packet start but it's a fix packet */
col_set_str(pinfo->cinfo, COL_INFO, "[FIX continuation]");
ti = proto_tree_add_item(tree, proto_fix, tvb, 0, -1, ENC_NA);
fix_tree = proto_item_add_subtree(ti, ett_fix);
proto_tree_add_item(fix_tree, hf_fix_data, tvb, 0, -1, ENC_NA);
return;
}
pdu_len = tvb_reported_length(tvb);
ti = proto_tree_add_item(tree, proto_fix, tvb, 0, -1, ENC_NA);
fix_tree = proto_item_add_subtree(ti, ett_fix);
/* begin string */
ctrla_offset = tvb_find_guint8(tvb, offset, -1, 0x01);
if (ctrla_offset == -1) {
return;
}
offset = ctrla_offset + 1;
/* msg length */
ctrla_offset = tvb_find_guint8(tvb, offset, -1, 0x01);
if (ctrla_offset == -1) {
return;
}
offset = ctrla_offset + 1;
/* msg type */
if (!(tag = fix_param(tvb, offset)) || tag->value_len < 1) {
return;
}
if (check_col(pinfo->cinfo, COL_INFO)) {
const char *msg_type;
value = tvb_get_ephemeral_string(tvb, tag->value_offset, tag->value_len);
msg_type = str_to_str(value, messages_val, "FIX Message (%s)");
col_add_str(pinfo->cinfo, COL_INFO, msg_type);
}
/* In the interest of speed, if "tree" is NULL, don't do any work not
* necessary to generate protocol tree items.
*/
field_offset = 0;
while(field_offset < pdu_len && (tag = fix_param(tvb, field_offset)) ) {
int i, found;
if (tag->tag_len < 1) {
field_offset = tag->ctrla_offset + 1;
continue;
}
tag_str = tvb_get_ephemeral_string(tvb, field_offset, tag->tag_len);
tag_value = atoi(tag_str);
if (tag->value_len < 1) {
proto_tree *field_tree;
/* XXX - put an error indication here. It's too late
to return FALSE; we've already started dissecting,
and if a heuristic dissector starts dissecting
(either updating the columns or creating a protocol
tree) and then gives up, it leaves crud behind that
messes up other dissectors that might process the
packet. */
ti = proto_tree_add_text(fix_tree, tvb, field_offset, tag->field_len, "%i: <missing value>", tag_value);
field_tree = proto_item_add_subtree(ti, ett_badfield);
proto_tree_add_uint(field_tree, hf_fix_field_tag, tvb, field_offset, tag->tag_len, tag_value);
field_offset = tag->ctrla_offset + 1;
continue;
}
/* fix_fields array is sorted by tag_value */
found = 0;
if ((i = tag_search(tag_value)) >= 0) {
found = 1;
}
value = tvb_get_ephemeral_string(tvb, tag->value_offset, tag->value_len);
if (found) {
if (fix_fields[i].table) {
if (tree) {
switch (fix_fields[i].type) {
case 1: /* strings */
proto_tree_add_string_format_value(fix_tree, fix_fields[i].hf_id, tvb, field_offset, tag->field_len, value,
"%s (%s)", value, str_to_str(value, fix_fields[i].table, "unknown %s"));
break;
case 2: /* char */
proto_tree_add_string_format_value(fix_tree, fix_fields[i].hf_id, tvb, field_offset, tag->field_len, value,
"%s (%s)", value, val_to_str(*value, fix_fields[i].table, "unknown %d"));
break;
default:
proto_tree_add_string_format_value(fix_tree, fix_fields[i].hf_id, tvb, field_offset, tag->field_len, value,
"%s (%s)", value, val_to_str(atoi(value), fix_fields[i].table, "unknown %d"));
break;
}
}
}
else {
proto_item *item;
/* checksum */
switch(tag_value) {
case 10:
{
proto_tree *checksum_tree;
guint8 sum = 0;
const guint8 *data = tvb_get_ptr(tvb, 0, field_offset);
gboolean sum_ok;
int j;
for (j = 0; j < field_offset; j++, data++) {
sum += *data;
}
sum_ok = (atoi(value) == sum);
if (sum_ok) {
item = proto_tree_add_string_format_value(fix_tree, fix_fields[i].hf_id, tvb, field_offset, tag->field_len,
value, "%s [correct]", value);
}
else {
item = proto_tree_add_string_format_value(fix_tree, fix_fields[i].hf_id, tvb, field_offset, tag->field_len,
value, "%s [incorrect should be %d]", value, sum);
}
checksum_tree = proto_item_add_subtree(item, ett_checksum);
item = proto_tree_add_boolean(checksum_tree, hf_fix_checksum_good, tvb, field_offset, tag->field_len, sum_ok);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_boolean(checksum_tree, hf_fix_checksum_bad, tvb, field_offset, tag->field_len, !sum_ok);
PROTO_ITEM_SET_GENERATED(item);
if (!sum_ok)
expert_add_info_format(pinfo, item, PI_CHECKSUM, PI_ERROR, "Bad checksum");
}
break;
default:
proto_tree_add_string(fix_tree, fix_fields[i].hf_id, tvb, field_offset, tag->field_len, value);
break;
}
}
}
else if (tree) {
proto_tree *field_tree;
/* XXX - it could be -1 if the tag isn't a number */
ti = proto_tree_add_text(fix_tree, tvb, field_offset, tag->field_len, "%i: %s", tag_value, value);
field_tree = proto_item_add_subtree(ti, ett_unknow);
proto_tree_add_uint(field_tree, hf_fix_field_tag, tvb, field_offset, tag->tag_len, tag_value);
proto_tree_add_item(field_tree, hf_fix_field_value, tvb, tag->value_offset, tag->value_len, ENC_ASCII|ENC_NA);
}
field_offset = tag->ctrla_offset + 1;
tag_str = NULL;
}
return;
}
static void
dissect_Commit(tvbuff_t *tvb, packet_info *pinfo, proto_tree *zrtp_tree) {
unsigned int msg_offset = 12;
unsigned int data_offset = 56;
unsigned char value[5];
int key_type = 0;
/*
0 - other type
1 - "Mult"
2 - "Prsh"
*/
unsigned int offset;
col_set_str(pinfo->cinfo, COL_INFO, "Commit Packet");
proto_tree_add_item(zrtp_tree, hf_zrtp_msg_hash_image, tvb, msg_offset+12, 32, ENC_NA);
/* ZID */
proto_tree_add_item(zrtp_tree, hf_zrtp_msg_zid, tvb, data_offset+0, 12, ENC_NA);
tvb_memcpy(tvb, (void *)value, data_offset+12, 4);
value[4] = '\0';
proto_tree_add_string_format_value(zrtp_tree, hf_zrtp_msg_hash, tvb, data_offset+12, 4, value,
"%s", key_to_val(value, 4, zrtp_hash_type_vals, "Unknown hash type %s"));
tvb_memcpy(tvb, (void *)value, data_offset+16, 4);
value[4] = '\0';
proto_tree_add_string_format_value(zrtp_tree, hf_zrtp_msg_cipher, tvb, data_offset+16, 4, value, "%s",
key_to_val(value, 4, zrtp_cipher_type_vals, "Unknown cipher type %s"));
tvb_memcpy(tvb, (void *)value, data_offset+20, 4);
value[4] = '\0';
proto_tree_add_string_format(zrtp_tree, hf_zrtp_msg_at, tvb, data_offset+20, 4, value,
"Auth tag: %s", key_to_val(value, 4, zrtp_auth_tag_vals, "Unknown auth tag %s"));
tvb_memcpy(tvb, (void *)value, data_offset+24, 4);
value[4] = '\0';
proto_tree_add_string_format_value(zrtp_tree, hf_zrtp_msg_keya, tvb, data_offset+24, 4, value,
"%s", key_to_val(value, 4, zrtp_key_agreement_vals, "Unknown key agreement %s"));
if(!strncmp(value, "Mult", 4)) {
key_type = 1;
} else if (!strncmp(value, "Prsh", 4)) {
key_type = 2;
}
tvb_memcpy(tvb, (void *)value, data_offset+28, 4);
value[4] = '\0';
proto_tree_add_string_format(zrtp_tree, hf_zrtp_msg_sas, tvb, data_offset+28, 4, value,
"SAS type: %s", key_to_val(value, 4, zrtp_sas_type_vals, "Unknown SAS type %s"));
switch (key_type) {
case 1: /*
Mult
*/
proto_tree_add_item(zrtp_tree, hf_zrtp_msg_nonce, tvb, data_offset+32, 16, ENC_NA);
offset = 48;
break;
case 2: /*
Prsh
*/
proto_tree_add_item(zrtp_tree, hf_zrtp_msg_nonce, tvb, data_offset+32, 16, ENC_NA);
proto_tree_add_item(zrtp_tree, hf_zrtp_msg_key_id, tvb, data_offset+48, 8, ENC_NA);
offset = 56;
break;
default: /*
other
*/
proto_tree_add_item(zrtp_tree, hf_zrtp_msg_hvi, tvb, data_offset+32, 32, ENC_NA);
offset = 64;
break;
}
proto_tree_add_item(zrtp_tree, hf_zrtp_msg_hmac, tvb, data_offset+offset, 8, ENC_NA);
}
/* dissect a response. more work to do here.
*/
static void
display_rsp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *ajp13_tree, ajp13_conv_data* cd)
{
int pos = 0;
guint8 mcode = 0;
int i;
/* MAGIC
*/
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_magic, tvb, pos, 2, ENC_NA);
pos+=2;
/* PDU LENGTH
*/
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_len, tvb, pos, 2, ENC_BIG_ENDIAN);
pos+=2;
/* MESSAGE TYPE CODE
*/
mcode = tvb_get_guint8(tvb, pos);
col_append_str(pinfo->cinfo, COL_INFO, val_to_str(mcode, mtype_codes, "Unknown message code %u"));
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_code, tvb, pos, 1, ENC_BIG_ENDIAN);
pos+=1;
switch (mcode) {
case MTYPE_END_RESPONSE:
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_reusep, tvb, pos, 1, ENC_BIG_ENDIAN);
/*pos+=1;*/
break;
case MTYPE_SEND_HEADERS:
{
const gchar *rsmsg;
guint16 rsmsg_len;
guint16 nhdr;
guint16 rcode_num;
/* HTTP RESPONSE STATUS CODE
*/
rcode_num = tvb_get_ntohs(tvb, pos);
col_append_fstr(pinfo->cinfo, COL_INFO, ":%d", rcode_num);
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_rstatus, tvb, pos, 2, ENC_BIG_ENDIAN);
pos+=2;
/* HTTP RESPONSE STATUS MESSAGE
*/
rsmsg = ajp13_get_nstring(tvb, pos, &rsmsg_len);
col_append_fstr(pinfo->cinfo, COL_INFO, " %s", rsmsg);
if (ajp13_tree)
proto_tree_add_string(ajp13_tree, hf_ajp13_rsmsg, tvb, pos, rsmsg_len+2, rsmsg);
pos+=rsmsg_len+2;
/* NUMBER OF HEADERS
*/
nhdr = tvb_get_ntohs(tvb, pos);
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_nhdr, tvb, pos, 2, ENC_BIG_ENDIAN);
pos+=2;
/* HEADERS
*/
for(i=0; i<nhdr; i++) {
guint8 hcd;
guint8 hid;
const gchar *hval;
guint16 hval_len, hname_len;
const gchar* hname = NULL;
int hpos = pos;
/* int cl = 0; TODO: Content-Length header (encoded by 0x08) is special */
/* HEADER CODE/NAME
*/
hcd = tvb_get_guint8(tvb, pos);
if (hcd == 0xA0) {
pos+=1;
hid = tvb_get_guint8(tvb, pos);
pos+=1;
if (hid >= array_length(rsp_headers))
hid = 0;
hval = ajp13_get_nstring(tvb, pos, &hval_len);
proto_tree_add_string_format_value(ajp13_tree, *rsp_headers[hid],
tvb, hpos, 2+hval_len+2, hval,
"%s", hval);
pos+=hval_len+2;
#if 0
/* TODO: Content-Length header (encoded by 0x08) is special */
if (hid == 0x08)
cl = 1;
#endif
} else {
hname = ajp13_get_nstring(tvb, pos, &hname_len);
pos+=hname_len+2;
hval = ajp13_get_nstring(tvb, pos, &hval_len);
proto_tree_add_string_format(ajp13_tree, hf_ajp13_additional_header,
tvb, hpos, hname_len+2+hval_len+2,
wmem_strdup_printf(wmem_packet_scope(), "%s: %s", hname, hval),
"%s: %s", hname, hval);
pos+=hval_len+2;
}
}
break;
}
case MTYPE_GET_BODY_CHUNK:
{
guint16 rlen;
rlen = tvb_get_ntohs(tvb, pos);
cd->content_length = rlen;
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_rlen, tvb, pos, 2, ENC_BIG_ENDIAN);
/*pos+=2;*/
break;
}
case MTYPE_CPONG:
break;
default:
/* MESSAGE DATA (COPOUT)
*/
if (ajp13_tree)
proto_tree_add_item(ajp13_tree, hf_ajp13_data, tvb, pos+2, -1, ENC_UTF_8|ENC_NA);
break;
}
}
/** Dissector for SoupBinTCP messages */
static void
dissect_soupbintcp_common(
tvbuff_t *tvb,
packet_info *pinfo,
proto_tree *tree)
{
struct conv_data *conv_data;
struct pdu_data *pdu_data;
const char *pkt_name;
const char *tmp_buf;
proto_item *ti;
proto_tree *soupbintcp_tree = NULL;
conversation_t *conv = NULL;
guint16 expected_len;
guint8 pkt_type;
gint offset = 0;
guint this_seq = 0, next_seq;
heur_dtbl_entry_t *hdtbl_entry;
/* Get the 16-bit big-endian SOUP packet length */
expected_len = tvb_get_ntohs(tvb, 0);
/* Get the 1-byte SOUP message type */
pkt_type = tvb_get_guint8(tvb, 2);
/* Since we use the packet name a few times, get and save that value */
pkt_name = val_to_str(pkt_type, pkt_type_val, "Unknown (%u)");
/* Set the protocol name in the summary display */
col_set_str(pinfo->cinfo, COL_PROTOCOL, "SoupBinTCP");
/* Set the packet name in the info column */
col_add_str(pinfo->cinfo, COL_INFO, pkt_name);
/* Sequence number tracking
*
* SOUP does not number packets from client to server (the server
* acknowledges all important messages, so the client should use
* the acks to figure out if the server received the message, and
* otherwise resend it).
*
* Packets from server to client are numbered, but it's implicit.
* The Login Accept packet contains the next sequence number that
* the server will send, and the client needs to count the
* Sequenced Data packets that it receives to know what their
* sequence numbers are.
*
* So, we grab the next sequence number from the Login Acceptance
* packet, and save it in a conversation_t we associate with the
* TCP session. Then, for each Sequenced Data packet we receive,
* the first time it's processed (when PINFO_FD_VISITED() is
* false), we write it into the PDU's frame's private data pointer
* and increment the saved sequence number (in the conversation_t).
*
* If the visited flag is true, then we've dissected this packet
* already, and so we can fetch the sequence number from the
* frame's private data area.
*
* In either case, if there's any problem, we report zero as the
* sequence number, and try to continue dissecting. */
/* If first dissection of Login Accept, save sequence number */
if (pkt_type == 'A' && !PINFO_FD_VISITED(pinfo)) {
tmp_buf = tvb_get_string_enc(wmem_packet_scope(), tvb, 13, 20, ENC_ASCII);
next_seq = atoi(tmp_buf);
/* Create new conversation for this session */
conv = conversation_new(PINFO_FD_NUM(pinfo),
&pinfo->src,
&pinfo->dst,
pinfo->ptype,
pinfo->srcport,
pinfo->destport,
0);
/* Store starting sequence number for session's packets */
conv_data = (struct conv_data *)wmem_alloc(wmem_file_scope(), sizeof(struct conv_data));
conv_data->next_seq = next_seq;
conversation_add_proto_data(conv, proto_soupbintcp, conv_data);
}
/* Handle sequence numbering for a Sequenced Data packet */
if (pkt_type == 'S') {
if (!PINFO_FD_VISITED(pinfo)) {
/* Get next expected sequence number from conversation */
conv = find_conversation(PINFO_FD_NUM(pinfo),
&pinfo->src,
&pinfo->dst,
pinfo->ptype,
pinfo->srcport,
pinfo->destport,
0);
if (!conv) {
this_seq = 0;
} else {
conv_data = (struct conv_data *)conversation_get_proto_data(conv,
proto_soupbintcp);
if (conv_data) {
this_seq = conv_data->next_seq++;
} else {
this_seq = 0;
}
pdu_data = (struct pdu_data *)wmem_alloc(
wmem_file_scope(),
sizeof(struct pdu_data));
pdu_data->seq_num = this_seq;
p_add_proto_data(wmem_file_scope(), pinfo, proto_soupbintcp, 0, pdu_data);
}
} else {
pdu_data = (struct pdu_data *)p_get_proto_data(wmem_file_scope(), pinfo, proto_soupbintcp, 0);
if (pdu_data) {
this_seq = pdu_data->seq_num;
} else {
this_seq = 0;
}
}
col_append_fstr(pinfo->cinfo, COL_INFO, ", SeqNum = %u", this_seq);
}
if (tree) {
/* Create sub-tree for SoupBinTCP details */
ti = proto_tree_add_item(tree,
proto_soupbintcp,
tvb, 0, -1, ENC_NA);
soupbintcp_tree = proto_item_add_subtree(ti, ett_soupbintcp);
/* Append the packet name to the sub-tree item */
proto_item_append_text(ti, ", %s", pkt_name);
/* Length */
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_packet_length,
tvb, offset, 2, ENC_BIG_ENDIAN);
offset += 2;
/* Type */
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_packet_type,
tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
switch (pkt_type) {
case '+': /* Debug Message */
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_text,
tvb, offset, expected_len - 1, ENC_ASCII|ENC_NA);
break;
case 'A': /* Login Accept */
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_session,
tvb, offset, 10, ENC_ASCII|ENC_NA);
offset += 10;
tmp_buf = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, 20, ENC_ASCII);
proto_tree_add_string_format_value(soupbintcp_tree,
hf_soupbintcp_next_seq_num,
tvb, offset, 20,
"X", "%d", atoi(tmp_buf));
break;
case 'J': /* Login Reject */
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_reject_code,
tvb, offset, 1, ENC_BIG_ENDIAN);
break;
case 'U': /* Unsequenced Data */
/* Display handled by sub-dissector */
break;
case 'S': /* Sequenced Data */
proto_item_append_text(ti, ", SeqNum=%u", this_seq);
proto_tree_add_string_format_value(soupbintcp_tree,
hf_soupbintcp_seq_num,
tvb, offset, 0,
"X",
"%u (Calculated)",
this_seq);
/* Display handled by sub-dissector */
break;
case 'L': /* Login Request */
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_username,
tvb, offset, 6, ENC_ASCII|ENC_NA);
offset += 6;
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_password,
tvb, offset, 10, ENC_ASCII|ENC_NA);
offset += 10;
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_session,
tvb, offset, 10, ENC_ASCII|ENC_NA);
offset += 10;
tmp_buf = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, 20, ENC_ASCII);
proto_tree_add_string_format_value(soupbintcp_tree,
hf_soupbintcp_req_seq_num,
tvb, offset, 20,
"X", "%d", atoi(tmp_buf));
break;
case 'H': /* Server Heartbeat */
break;
case 'O': /* Logout Request */
break;
case 'R': /* Client Heartbeat */
break;
case 'Z': /* End of Session */
break;
default:
/* Unknown */
proto_tree_add_item(tree,
hf_soupbintcp_message,
tvb, offset, -1, ENC_NA);
break;
}
}
/* Call sub-dissector for encapsulated data */
if (pkt_type == 'S' || pkt_type == 'U') {
tvbuff_t *sub_tvb;
/* Sub-dissector tvb starts at 3 (length (2) + pkt_type (1)) */
sub_tvb = tvb_new_subset_remaining(tvb, 3);
#if 0 /* XXX: It's not valid for a soupbintcp subdissector to call */
/* conversation_set_dissector() since the conversation is really */
/* a TCP conversation. (A 'soupbintcp' port type would need to */
/* be defined to be able to use conversation_set_dissector()). */
/* In addition, no current soupbintcp subdissector calls */
/* conversation_set_dissector(). */
/* If this packet is part of a conversation, call dissector
* for the conversation if available */
if (try_conversation_dissector(&pinfo->dst, &pinfo->src, pinfo->ptype,
pinfo->srcport, pinfo->destport,
sub_tvb, pinfo, tree, NULL)) {
return;
}
#endif
/* Otherwise, try heuristic dissectors */
if (dissector_try_heuristic(heur_subdissector_list,
sub_tvb,
pinfo,
tree,
&hdtbl_entry,
NULL)) {
return;
}
/* Otherwise, give up, and just print the bytes in hex */
if (tree) {
proto_tree_add_item(soupbintcp_tree,
hf_soupbintcp_message,
sub_tvb, 0, -1,
ENC_NA);
}
}
}
static void
dissect(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 ip_proto)
{
proto_tree *udp_tree = NULL;
proto_item *ti, *hidden_item, *port_item;
guint len;
guint reported_len;
vec_t cksum_vec[4];
guint32 phdr[2];
guint16 computed_cksum;
int offset = 0;
e_udphdr *udph;
proto_tree *checksum_tree;
proto_item *item;
conversation_t *conv = NULL;
struct udp_analysis *udpd = NULL;
proto_tree *process_tree;
udph=ep_new(e_udphdr);
SET_ADDRESS(&udph->ip_src, pinfo->src.type, pinfo->src.len, pinfo->src.data);
SET_ADDRESS(&udph->ip_dst, pinfo->dst.type, pinfo->dst.len, pinfo->dst.data);
col_set_str(pinfo->cinfo, COL_PROTOCOL, (ip_proto == IP_PROTO_UDP) ? "UDP" : "UDPlite");
col_clear(pinfo->cinfo, COL_INFO);
udph->uh_sport=tvb_get_ntohs(tvb, offset);
udph->uh_dport=tvb_get_ntohs(tvb, offset+2);
col_add_fstr(pinfo->cinfo, COL_INFO, "Source port: %s Destination port: %s",
get_udp_port(udph->uh_sport), get_udp_port(udph->uh_dport));
if (tree) {
if (udp_summary_in_tree) {
if (ip_proto == IP_PROTO_UDP) {
ti = proto_tree_add_protocol_format(tree, proto_udp, tvb, offset, 8,
"User Datagram Protocol, Src Port: %s (%u), Dst Port: %s (%u)",
get_udp_port(udph->uh_sport), udph->uh_sport, get_udp_port(udph->uh_dport), udph->uh_dport);
} else {
ti = proto_tree_add_protocol_format(tree, proto_udplite, tvb, offset, 8,
"Lightweight User Datagram Protocol, Src Port: %s (%u), Dst Port: %s (%u)",
get_udp_port(udph->uh_sport), udph->uh_sport, get_udp_port(udph->uh_dport), udph->uh_dport);
}
} else {
ti = proto_tree_add_item(tree, (ip_proto == IP_PROTO_UDP) ? proto_udp : proto_udplite, tvb, offset, 8, ENC_NA);
}
udp_tree = proto_item_add_subtree(ti, ett_udp);
port_item = proto_tree_add_uint_format(udp_tree, hf_udp_srcport, tvb, offset, 2, udph->uh_sport,
"Source port: %s (%u)", get_udp_port(udph->uh_sport), udph->uh_sport);
/* The beginning port number, 32768 + 666 (33434), is from LBL's traceroute.c source code and this code
* further assumes that 3 attempts are made per hop */
if(udph->uh_sport > 32768 + 666 && udph->uh_sport <= 32768 + 666 + 30)
expert_add_info_format(pinfo, port_item, PI_SEQUENCE, PI_CHAT, "Possible traceroute: hop #%u, attempt #%u",
((udph->uh_sport - 32768 - 666 - 1) / 3) + 1,
((udph->uh_sport - 32768 - 666 - 1) % 3) + 1
);
port_item = proto_tree_add_uint_format(udp_tree, hf_udp_dstport, tvb, offset + 2, 2, udph->uh_dport,
"Destination port: %s (%u)", get_udp_port(udph->uh_dport), udph->uh_dport);
if(udph->uh_dport > 32768 + 666 && udph->uh_dport <= 32768 + 666 + 30)
expert_add_info_format(pinfo, port_item, PI_SEQUENCE, PI_CHAT, "Possible traceroute: hop #%u, attempt #%u",
((udph->uh_dport - 32768 - 666 - 1) / 3) + 1,
((udph->uh_dport - 32768 - 666 - 1) % 3) + 1
);
hidden_item = proto_tree_add_uint(udp_tree, hf_udp_port, tvb, offset, 2, udph->uh_sport);
PROTO_ITEM_SET_HIDDEN(hidden_item);
hidden_item = proto_tree_add_uint(udp_tree, hf_udp_port, tvb, offset+2, 2, udph->uh_dport);
PROTO_ITEM_SET_HIDDEN(hidden_item);
}
if (ip_proto == IP_PROTO_UDP) {
udph->uh_ulen = udph->uh_sum_cov = tvb_get_ntohs(tvb, offset+4);
if (udph->uh_ulen < 8) {
/* Bogus length - it includes the header, so it must be >= 8. */
/* XXX - should handle IPv6 UDP jumbograms (RFC 2675), where the length is zero */
item = proto_tree_add_uint_format(udp_tree, hf_udp_length, tvb, offset + 4, 2,
udph->uh_ulen, "Length: %u (bogus, must be >= 8)", udph->uh_ulen);
expert_add_info_format(pinfo, item, PI_MALFORMED, PI_ERROR, "Bad length value %u < 8", udph->uh_ulen);
col_append_fstr(pinfo->cinfo, COL_INFO, " [BAD UDP LENGTH %u < 8]", udph->uh_ulen);
return;
}
if ((udph->uh_ulen > tvb_reported_length(tvb)) && ! pinfo->fragmented && ! pinfo->flags.in_error_pkt) {
/* Bogus length - it goes past the end of the IP payload */
item = proto_tree_add_uint_format(udp_tree, hf_udp_length, tvb, offset + 4, 2,
udph->uh_ulen, "Length: %u (bogus, payload length %u)", udph->uh_ulen, tvb_reported_length(tvb));
expert_add_info_format(pinfo, item, PI_MALFORMED, PI_ERROR, "Bad length value %u > IP payload length", udph->uh_ulen);
col_append_fstr(pinfo->cinfo, COL_INFO, " [BAD UDP LENGTH %u > IP PAYLOAD LENGTH]", udph->uh_ulen);
} else {
if (tree) {
proto_tree_add_uint(udp_tree, hf_udp_length, tvb, offset + 4, 2, udph->uh_ulen);
/* XXX - why is this here, given that this is UDP, not Lightweight UDP? */
hidden_item = proto_tree_add_uint(udp_tree, hf_udplite_checksum_coverage, tvb, offset + 4,
0, udph->uh_sum_cov);
PROTO_ITEM_SET_HIDDEN(hidden_item);
}
}
} else {
udph->uh_ulen = pinfo->iplen - pinfo->iphdrlen;
udph->uh_sum_cov = tvb_get_ntohs(tvb, offset+4);
if (((udph->uh_sum_cov > 0) && (udph->uh_sum_cov < 8)) || (udph->uh_sum_cov > udph->uh_ulen)) {
/* Bogus length - it includes the header, so it must be >= 8, and no larger then the IP payload size. */
if (tree) {
hidden_item = proto_tree_add_boolean(udp_tree, hf_udplite_checksum_coverage_bad, tvb, offset + 4, 2, TRUE);
PROTO_ITEM_SET_HIDDEN(hidden_item);
hidden_item = proto_tree_add_uint(udp_tree, hf_udp_length, tvb, offset + 4, 0, udph->uh_ulen);
PROTO_ITEM_SET_HIDDEN(hidden_item);
}
item = proto_tree_add_uint_format(udp_tree, hf_udplite_checksum_coverage, tvb, offset + 4, 2,
udph->uh_sum_cov, "Checksum coverage: %u (bogus, must be >= 8 and <= %u (ip.len-ip.hdr_len))",
udph->uh_sum_cov, udph->uh_ulen);
expert_add_info_format(pinfo, item, PI_MALFORMED, PI_ERROR, "Bad checksum coverage length value %u < 8 or > %u",
udph->uh_sum_cov, udph->uh_ulen);
col_append_fstr(pinfo->cinfo, COL_INFO, " [BAD LIGHTWEIGHT UDP CHECKSUM COVERAGE LENGTH %u < 8 or > %u]",
udph->uh_sum_cov, udph->uh_ulen);
if (!udplite_ignore_checksum_coverage)
return;
} else {
if (tree) {
hidden_item = proto_tree_add_uint(udp_tree, hf_udp_length, tvb, offset + 4, 0, udph->uh_ulen);
PROTO_ITEM_SET_HIDDEN(hidden_item);
proto_tree_add_uint(udp_tree, hf_udplite_checksum_coverage, tvb, offset + 4, 2, udph->uh_sum_cov);
}
}
}
udph->uh_sum_cov = (udph->uh_sum_cov) ? udph->uh_sum_cov : udph->uh_ulen;
udph->uh_sum = tvb_get_ntohs(tvb, offset+6);
reported_len = tvb_reported_length(tvb);
len = tvb_length(tvb);
if (udph->uh_sum == 0) {
/* No checksum supplied in the packet. */
if ((ip_proto == IP_PROTO_UDP) && (pinfo->src.type == AT_IPv4)) {
item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb, offset + 6, 2, 0,
"Checksum: 0x%04x (none)", 0);
checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
} else {
item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb, offset + 6, 2, 0,
"Checksum: 0x%04x (Illegal)", 0);
expert_add_info_format(pinfo, item, PI_CHECKSUM, PI_ERROR, "Illegal Checksum value (0)");
col_append_fstr(pinfo->cinfo, COL_INFO, " [ILLEGAL CHECKSUM (0)]");
checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb,
offset + 6, 2, TRUE);
PROTO_ITEM_SET_GENERATED(item);
}
} else if (!pinfo->fragmented && len >= reported_len &&
len >= udph->uh_sum_cov && reported_len >= udph->uh_sum_cov &&
udph->uh_sum_cov >=8) {
/* The packet isn't part of a fragmented datagram and isn't
truncated, so we can checksum it.
XXX - make a bigger scatter-gather list once we do fragment
reassembly? */
if (((ip_proto == IP_PROTO_UDP) && (udp_check_checksum)) ||
((ip_proto == IP_PROTO_UDPLITE) && (udplite_check_checksum))) {
/* Set up the fields of the pseudo-header. */
cksum_vec[0].ptr = (const guint8 *)pinfo->src.data;
cksum_vec[0].len = pinfo->src.len;
cksum_vec[1].ptr = (const guint8 *)pinfo->dst.data;
cksum_vec[1].len = pinfo->dst.len;
cksum_vec[2].ptr = (const guint8 *)&phdr;
switch (pinfo->src.type) {
case AT_IPv4:
if (ip_proto == IP_PROTO_UDP)
phdr[0] = g_htonl((ip_proto<<16) | udph->uh_ulen);
else
phdr[0] = g_htonl((ip_proto<<16) | reported_len);
cksum_vec[2].len = 4;
break;
case AT_IPv6:
if (ip_proto == IP_PROTO_UDP)
phdr[0] = g_htonl(udph->uh_ulen);
else
phdr[0] = g_htonl(reported_len);
phdr[1] = g_htonl(ip_proto);
cksum_vec[2].len = 8;
break;
default:
/* UDP runs only atop IPv4 and IPv6.... */
DISSECTOR_ASSERT_NOT_REACHED();
break;
}
cksum_vec[3].ptr = tvb_get_ptr(tvb, offset, udph->uh_sum_cov);
cksum_vec[3].len = udph->uh_sum_cov;
computed_cksum = in_cksum(&cksum_vec[0], 4);
if (computed_cksum == 0) {
item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb,
offset + 6, 2, udph->uh_sum, "Checksum: 0x%04x [correct]", udph->uh_sum);
checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb,
offset + 6, 2, TRUE);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
} else {
item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb,
offset + 6, 2, udph->uh_sum,
"Checksum: 0x%04x [incorrect, should be 0x%04x (maybe caused by \"UDP checksum offload\"?)]", udph->uh_sum,
in_cksum_shouldbe(udph->uh_sum, computed_cksum));
checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb,
offset + 6, 2, TRUE);
PROTO_ITEM_SET_GENERATED(item);
expert_add_info_format(pinfo, item, PI_CHECKSUM, PI_ERROR, "Bad checksum");
col_append_fstr(pinfo->cinfo, COL_INFO, " [UDP CHECKSUM INCORRECT]");
}
} else {
item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb,
offset + 6, 2, udph->uh_sum, "Checksum: 0x%04x [validation disabled]", udph->uh_sum);
checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
}
} else {
item = proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb,
offset + 6, 2, udph->uh_sum, "Checksum: 0x%04x [unchecked, not all data available]", udph->uh_sum);
checksum_tree = proto_item_add_subtree(item, ett_udp_checksum);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_good, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
item = proto_tree_add_boolean(checksum_tree, hf_udp_checksum_bad, tvb,
offset + 6, 2, FALSE);
PROTO_ITEM_SET_GENERATED(item);
}
/* Skip over header */
offset += 8;
pinfo->ptype = PT_UDP;
pinfo->srcport = udph->uh_sport;
pinfo->destport = udph->uh_dport;
tap_queue_packet(udp_tap, pinfo, udph);
/* find(or create if needed) the conversation for this udp session */
if (udp_process_info) {
conv=find_or_create_conversation(pinfo);
udpd=get_udp_conversation_data(conv,pinfo);
}
if (udpd && ((udpd->fwd && udpd->fwd->command) || (udpd->rev && udpd->rev->command))) {
ti = proto_tree_add_text(udp_tree, tvb, offset, 0, "Process Information");
PROTO_ITEM_SET_GENERATED(ti);
process_tree = proto_item_add_subtree(ti, ett_udp_process_info);
if (udpd->fwd && udpd->fwd->command) {
proto_tree_add_uint_format_value(process_tree, hf_udp_proc_dst_uid, tvb, 0, 0,
udpd->fwd->process_uid, "%u", udpd->fwd->process_uid);
proto_tree_add_uint_format_value(process_tree, hf_udp_proc_dst_pid, tvb, 0, 0,
udpd->fwd->process_pid, "%u", udpd->fwd->process_pid);
proto_tree_add_string_format_value(process_tree, hf_udp_proc_dst_uname, tvb, 0, 0,
udpd->fwd->username, "%s", udpd->fwd->username);
proto_tree_add_string_format_value(process_tree, hf_udp_proc_dst_cmd, tvb, 0, 0,
udpd->fwd->command, "%s", udpd->fwd->command);
}
if (udpd->rev->command) {
proto_tree_add_uint_format_value(process_tree, hf_udp_proc_src_uid, tvb, 0, 0,
udpd->rev->process_uid, "%u", udpd->rev->process_uid);
proto_tree_add_uint_format_value(process_tree, hf_udp_proc_src_pid, tvb, 0, 0,
udpd->rev->process_pid, "%u", udpd->rev->process_pid);
proto_tree_add_string_format_value(process_tree, hf_udp_proc_src_uname, tvb, 0, 0,
udpd->rev->username, "%s", udpd->rev->username);
proto_tree_add_string_format_value(process_tree, hf_udp_proc_src_cmd, tvb, 0, 0,
udpd->rev->command, "%s", udpd->rev->command);
}
}
/*
* Call sub-dissectors.
*
* XXX - should we do this if this is included in an error packet?
* It might be nice to see the details of the packet that caused the
* ICMP error, but it might not be nice to have the dissector update
* state based on it.
* Also, we probably don't want to run UDP taps on those packets.
*
* We definitely don't want to do it for an error packet if there's
* nothing left in the packet.
*/
if (!pinfo->flags.in_error_pkt || tvb_length_remaining(tvb, offset) > 0)
decode_udp_ports(tvb, offset, pinfo, tree, udph->uh_sport, udph->uh_dport,
udph->uh_ulen);
}
static void
dissect_vtp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
proto_item *ti;
proto_tree *vtp_tree = NULL, *vtp_pruning_tree = NULL;
int offset = 0;
guint8 code;
guint8 *upd_timestamp;
int vlan_info_len;
int pruning_vlan_id;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "VTP");
set_vtp_info_col(tvb, pinfo);
ti = proto_tree_add_item(tree, proto_vtp, tvb, offset, -1, ENC_NA);
vtp_tree = proto_item_add_subtree(ti, ett_vtp);
proto_tree_add_item(vtp_tree, hf_vtp_version, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
code = tvb_get_guint8(tvb, offset);
proto_tree_add_item(vtp_tree, hf_vtp_code, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
switch (code) {
case SUMMARY_ADVERT:
proto_tree_add_item(vtp_tree, hf_vtp_followers, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(vtp_tree, hf_vtp_md_len, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(vtp_tree, hf_vtp_md, tvb, offset, 32, ENC_ASCII|ENC_NA);
offset += 32;
proto_tree_add_item(vtp_tree, hf_vtp_conf_rev_num, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_item(vtp_tree, hf_vtp_upd_id, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
upd_timestamp = tvb_get_string(wmem_packet_scope(), tvb, offset, 12);
proto_tree_add_string_format_value(vtp_tree, hf_vtp_upd_ts, tvb,
offset, 12, (gchar*)upd_timestamp,
"%.2s-%.2s-%.2s %.2s:%.2s:%.2s",
&upd_timestamp[0], &upd_timestamp[2], &upd_timestamp[4],
&upd_timestamp[6], &upd_timestamp[8], &upd_timestamp[10]);
offset += 12;
proto_tree_add_item(vtp_tree, hf_vtp_md5_digest, tvb, offset, 16, ENC_NA);
break;
case SUBSET_ADVERT:
proto_tree_add_item(vtp_tree, hf_vtp_seq_num, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(vtp_tree, hf_vtp_md_len, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(vtp_tree, hf_vtp_md, tvb, offset, 32, ENC_ASCII|ENC_NA);
offset += 32;
proto_tree_add_item(vtp_tree, hf_vtp_conf_rev_num, tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
while (tvb_reported_length_remaining(tvb, offset) > 0) {
vlan_info_len =
dissect_vlan_info(tvb, pinfo, offset, vtp_tree);
if (vlan_info_len <= 0)
break;
offset += vlan_info_len;
}
break;
case ADVERT_REQUEST:
offset += 1; /* skip reserved field */
proto_tree_add_item(vtp_tree, hf_vtp_md_len, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(vtp_tree, hf_vtp_md, tvb, offset, 32, ENC_ASCII|ENC_NA);
offset += 32;
proto_tree_add_item(vtp_tree, hf_vtp_start_value, tvb, offset, 2, ENC_BIG_ENDIAN);
break;
case JOIN_MSG:
offset += 1; /* skip reserved/unused field */
proto_tree_add_item(vtp_tree, hf_vtp_md_len, tvb, offset, 1, ENC_BIG_ENDIAN);
offset += 1;
proto_tree_add_item(vtp_tree, hf_vtp_md, tvb, offset, 32, ENC_ASCII|ENC_NA);
offset += 32;
proto_tree_add_item(vtp_tree, hf_vtp_pruning_first_vid, tvb, offset, 2, ENC_BIG_ENDIAN);
pruning_vlan_id = tvb_get_ntohs(tvb, offset);
offset += 2;
proto_tree_add_item(vtp_tree, hf_vtp_pruning_last_vid, tvb, offset,
2, ENC_BIG_ENDIAN);
offset += 2;
ti = proto_tree_add_text (vtp_tree, tvb, offset, -1,
"Advertised active (i.e. not pruned) VLANs");
vtp_pruning_tree = proto_item_add_subtree(ti, ett_vtp_pruning);
while (tvb_reported_length_remaining(tvb, offset) > 0) {
guint8 vlan_usage_bitmap;
int shift;
vlan_usage_bitmap = tvb_get_guint8(tvb, offset);
for (shift = 0; shift < 8; shift++) {
if (vlan_usage_bitmap & (1<<7)) {
proto_tree_add_uint(vtp_pruning_tree, hf_vtp_pruning_active_vid,
tvb, offset, 1, pruning_vlan_id);
}
pruning_vlan_id += 1;
vlan_usage_bitmap <<= 1;
}
offset += 1;
}
break;
}
}
void
GIOP_Base::add_exception (int fieldId, const char *exceptionId)
{
proto_tree_add_string_format_value(tree_, fieldId, tvb_, *offset_, -1,
"", "Exception %s",exceptionId );
}
static void
dissect_sap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
int offset = 0;
int sap_version, is_ipv6, is_del, is_enc, is_comp, addr_len;
guint8 vers_flags;
guint8 auth_len;
guint8 auth_flags;
tvbuff_t *next_tvb;
proto_item *si, *sif;
proto_tree *sap_tree = NULL, *sap_flags_tree;
col_set_str(pinfo->cinfo, COL_PROTOCOL, "SAP");
col_clear(pinfo->cinfo, COL_INFO);
vers_flags = tvb_get_guint8(tvb, offset);
is_ipv6 = vers_flags&MCAST_SAP_BIT_A;
is_del = vers_flags&MCAST_SAP_BIT_T;
is_enc = vers_flags&MCAST_SAP_BIT_E;
is_comp = vers_flags&MCAST_SAP_BIT_C;
sap_version = (vers_flags&MCAST_SAP_VERSION_MASK)>>MCAST_SAP_VERSION_SHIFT;
addr_len = (is_ipv6) ? (int)sizeof(struct e_in6_addr) : 4;
col_add_fstr(pinfo->cinfo, COL_INFO, "%s (v%u)",
(is_del) ? "Deletion" : "Announcement", sap_version);
if (tree) {
si = proto_tree_add_item(tree, proto_sap, tvb, offset, -1, ENC_NA);
sap_tree = proto_item_add_subtree(si, ett_sap);
sif = proto_tree_add_item(sap_tree, hf_sap_flags, tvb, offset, 1, ENC_NA);
sap_flags_tree = proto_item_add_subtree(sif, ett_sap_flags);
proto_tree_add_item(sap_flags_tree, hf_sap_flags_v, tvb, offset, 1, ENC_NA);
proto_tree_add_item(sap_flags_tree, hf_sap_flags_a, tvb, offset, 1, ENC_NA);
proto_tree_add_item(sap_flags_tree, hf_sap_flags_r, tvb, offset, 1, ENC_NA);
proto_tree_add_item(sap_flags_tree, hf_sap_flags_t, tvb, offset, 1, ENC_NA);
proto_tree_add_item(sap_flags_tree, hf_sap_flags_e, tvb, offset, 1, ENC_NA);
proto_tree_add_item(sap_flags_tree, hf_sap_flags_c, tvb, offset, 1, ENC_NA);
}
offset++;
auth_len = tvb_get_guint8(tvb, offset);
proto_tree_add_item(sap_tree, hf_sap_auth_len, tvb, offset, 1, ENC_NA);
offset++;
proto_tree_add_item(sap_tree, hf_sap_message_identifier_hash, tvb, offset, 2, ENC_BIG_ENDIAN);
offset +=2;
if (is_ipv6)
proto_tree_add_item(sap_tree, hf_sap_originating_source_ipv6, tvb, offset, addr_len, ENC_NA);
else
proto_tree_add_item(sap_tree, hf_sap_originating_source_ipv4, tvb, offset, addr_len, ENC_BIG_ENDIAN);
offset += addr_len;
/* Authentication data lives in its own subtree */
if (auth_len > 0) {
guint32 auth_data_len;
proto_item *sdi, *sai;
proto_tree *sa_tree, *saf_tree;
int has_pad;
guint8 pad_len = 0;
auth_data_len = (guint32)(auth_len * sizeof(guint32));
sdi = proto_tree_add_item(sap_tree, hf_auth_data, tvb, offset, auth_data_len, ENC_NA);
sa_tree = proto_item_add_subtree(sdi, ett_sap_auth);
auth_flags = tvb_get_guint8(tvb, offset);
sai = proto_tree_add_item(sa_tree, hf_auth_flags, tvb, offset, 1, ENC_NA);
saf_tree = proto_item_add_subtree(sai, ett_sap_authf);
proto_tree_add_item(saf_tree, hf_auth_flags_v, tvb, offset, 1, ENC_NA);
proto_tree_add_item(saf_tree, hf_auth_flags_p, tvb, offset, 1, ENC_NA);
proto_tree_add_item(saf_tree, hf_auth_flags_t, tvb, offset, 1, ENC_NA);
has_pad = auth_flags&MCAST_SAP_AUTH_BIT_P;
if (has_pad) {
pad_len = tvb_get_guint8(tvb, offset+auth_data_len-1);
}
if ((int) auth_data_len - pad_len - 1 < 0) {
expert_add_info_format(pinfo, sai, &ei_sap_bogus_authentication_or_pad_length,
"Bogus authentication length (%d) or pad length (%d)", auth_len, pad_len);
return;
}
proto_tree_add_item(sa_tree, hf_sap_auth_subheader, tvb, offset+1, auth_data_len-pad_len-1, ENC_NA);
if (has_pad) {
proto_tree_add_item(sa_tree, hf_sap_auth_data_padding_len, tvb, offset+auth_data_len-1, 1, ENC_NA);
proto_tree_add_item(sa_tree, hf_sap_auth_data_padding, tvb, offset+auth_data_len-pad_len, pad_len, ENC_NA);
}
offset += auth_data_len;
}
if (is_enc || is_comp) {
expert_field *mangle;
if (is_enc && is_comp)
mangle = &ei_sap_compressed_and_encrypted;
else if (is_enc)
mangle = &ei_sap_encrypted;
else
mangle = &ei_sap_compressed;
proto_tree_add_expert(sap_tree, pinfo, mangle, tvb, offset, -1);
return;
}
if (tree) {
/* Do we have the optional payload type aka. MIME content specifier */
if (tvb_strneql(tvb, offset, "v=", strlen("v="))) {
gint remaining_len;
guint32 pt_len;
int pt_string_len;
guint8* pt_str;
remaining_len = tvb_captured_length_remaining(tvb, offset);
if (remaining_len == 0) {
/*
* "tvb_strneql()" failed because there was no
* data left in the packet.
*
* Set the remaining length to 1, so that
* we throw the appropriate exception in
* "tvb_get_ptr()", rather than displaying
* the payload type.
*/
remaining_len = 1;
}
pt_string_len = tvb_strnlen(tvb, offset, remaining_len);
if (pt_string_len == -1) {
/*
* We didn't find a terminating '\0'; run to the
* end of the buffer.
*/
pt_string_len = remaining_len;
pt_len = pt_string_len;
} else {
/*
* Include the '\0' in the total item length.
*/
pt_len = pt_string_len + 1;
}
pt_str = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, pt_string_len, ENC_ASCII);
proto_tree_add_string_format_value(sap_tree, hf_sap_payload_type, tvb, offset, pt_len,
pt_str, "%.*s", pt_string_len, pt_str);
offset += pt_len;
}
}
/* Done with SAP */
next_tvb = tvb_new_subset_remaining(tvb, offset);
call_dissector(sdp_handle, next_tvb, pinfo, tree);
}
/* common dissector function for dissecting TFP payloads */
static void
dissect_tfp_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
gint byte_offset = 0;
gint bit_offset = 48;
guint8 hv_tfp_len;
guint8 hv_tfp_fid;
guint8 hv_tfp_seq;
gchar tfp_uid_string[BASE58_MAX_STR_SIZE];
base58_encode(tvb_get_letohl(tvb, 0), &tfp_uid_string[0]);
hv_tfp_len = tvb_get_guint8(tvb, byte_offset_len);
hv_tfp_fid = tvb_get_guint8(tvb, byte_offset_fid);
hv_tfp_seq = tvb_get_bits8(tvb, bit_offset, bit_count_tfp_seq);
col_add_fstr(pinfo->cinfo, COL_INFO,
"UID: %s, Len: %d, FID: %d, Seq: %d",
&tfp_uid_string[0], hv_tfp_len, hv_tfp_fid, hv_tfp_seq);
/* call for details */
if (tree) {
proto_tree *tfp_tree;
proto_item *ti;
ti = proto_tree_add_protocol_format(tree, proto_tfp, tvb, 0, -1,
"Tinkerforge Protocol, UID: %s, Len: %d, FID: %d, Seq: %d",
&tfp_uid_string[0], hv_tfp_len, hv_tfp_fid, hv_tfp_seq);
tfp_tree = proto_item_add_subtree(ti, ett_tfp);
/* Use ...string_format_value() so we can show the complete generated string but specify */
/* the field length as being just the 4 bytes from which the string is generated. */
ti = proto_tree_add_string_format_value(tfp_tree,
hf_tfp_uid,
tvb, byte_offset, byte_count_tfp_uid,
&tfp_uid_string[0], "%s", &tfp_uid_string[0]);
PROTO_ITEM_SET_GENERATED(ti);
proto_tree_add_item(tfp_tree,
hf_tfp_uid_numeric,
tvb,
byte_offset,
byte_count_tfp_uid,
ENC_LITTLE_ENDIAN);
byte_offset += byte_count_tfp_uid;
proto_tree_add_item(tfp_tree,
hf_tfp_len,
tvb,
byte_offset,
byte_count_tfp_len,
ENC_LITTLE_ENDIAN);
byte_offset += byte_count_tfp_len;
proto_tree_add_item(tfp_tree,
hf_tfp_fid,
tvb,
byte_offset,
byte_count_tfp_fid,
ENC_LITTLE_ENDIAN);
byte_offset += byte_count_tfp_fid;
proto_tree_add_bits_item(tfp_tree,
hf_tfp_seq,
tvb,
bit_offset,
bit_count_tfp_seq,
ENC_LITTLE_ENDIAN);
bit_offset += bit_count_tfp_seq;
proto_tree_add_bits_item(tfp_tree,
hf_tfp_r,
tvb,
bit_offset,
bit_count_tfp_r,
ENC_LITTLE_ENDIAN);
bit_offset += bit_count_tfp_r;
proto_tree_add_bits_item(tfp_tree,
hf_tfp_a,
tvb,
bit_offset,
bit_count_tfp_a,
ENC_LITTLE_ENDIAN);
bit_offset += bit_count_tfp_a;
proto_tree_add_bits_item(tfp_tree,
hf_tfp_oo,
tvb,
bit_offset,
bit_count_tfp_oo,
ENC_LITTLE_ENDIAN);
bit_offset += bit_count_tfp_oo;
proto_tree_add_bits_item(tfp_tree,
hf_tfp_e,
tvb,
bit_offset,
bit_count_tfp_e,
ENC_LITTLE_ENDIAN);
bit_offset += bit_count_tfp_e;
proto_tree_add_bits_item(tfp_tree,
hf_tfp_future_use,
tvb,
bit_offset,
bit_count_tfp_future_use,
ENC_LITTLE_ENDIAN);
/*bit_offset += bit_count_tfp_future_use;*/
if ((tvb_reported_length(tvb)) > 8) {
byte_offset += byte_count_tfp_flags;
proto_tree_add_item(tfp_tree, hf_tfp_payload, tvb, byte_offset, -1, ENC_NA);
}
}
}
