epan/dissectors/pidl/samr/samr.cnf cnf_dissect_lsa_BinaryString => lsarpc_dissect_str...
[wireshark-sm.git] / epan / dissectors / packet-saprfc.c
blob6d170323583e870539a87a1a3fd469cceca0e83a
1 /* packet-saprfc.c
2 * Routines for SAP RFC (SAP Remote Function Call Protocol) dissection
3 * Copyright 2022, Martin Gallo <martin.gallo [AT] gmail.com>
4 * Code contributed by SecureAuth Corp.
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
10 * SPDX-License-Identifier: GPL-2.0-or-later
13 #include <epan/packet.h>
14 #include <epan/prefs.h>
15 #include <epan/expert.h>
16 #include <wsutil/wmem/wmem.h>
19 * Define default ports. The right range should be 33NN, but as port numbers are proprietary and not
20 * IANA assigned, we leave only the one corresponding to the instance 00.
22 #define SAPRFC_PORT_RANGE "3300"
25 /* SAP RFC Request Types field values */
26 static const value_string saprfc_reqtype_values[] = {
27 { 0x00, "GW_UNDEF_TYPE" },
28 { 0x01, "GW_CHECK_GATEWAY" },
29 { 0x02, "GW_CONNECT_GWWP" },
30 { 0x03, "GW_NORMAL_CLIENT" },
31 { 0x04, "GW_REMOTE_GATEWAY" },
32 { 0x05, "STOP_GATEWAY" },
33 { 0x06, "GW_LOCAL_R3" },
34 { 0x07, "GW_SEND_INTERNAL_ERROR" },
35 { 0x08, "GW_SEND_INFO" },
36 { 0x09, "GW_SEND_CMD" },
37 { 0x0a, "GW_WORKPROCESS_DIED" },
38 { 0x0b, "GW_REGISTER_TP" },
39 { 0x0c, "GW_UNREGISTER_TP" },
40 { 0x0d, "GW_CONNECT_DISP" },
41 { 0x0e, "GW_GET_NO_REGISTER_TP" },
42 { 0x0f, "GW_SAP_WP_CLIENT" },
43 { 0x10, "GW_CANCEL_REGISTER_TP" },
44 { 0x11, "REMOTE_GATEWAY" },
45 { 0x12, "GW_CONTAINER_RECEIVED" },
46 /* NULL */
47 { 0x00, NULL }
50 /* SAP RFC Monitor Command field values */
51 static const value_string saprfc_monitor_cmd_values[] = {
52 { 0x01, "NOOP" },
53 { 0x02, "DELETE_CONN" },
54 { 0x03, "CANCEL_CONN" },
55 { 0x04, "RST_SINGLE_ERR_CNT" },
56 { 0x05, "RST_ALL_ERR_CNT" },
57 { 0x06, "INCREASE_TRACE" },
58 { 0x07, "DECREASE_TRACE" },
59 { 0x08, "READ_SEC_INFO" },
60 { 0x09, "REFRESH_SEC_INFO" },
61 { 0x0a, "READ_GWSYS_TBL" },
62 { 0x0b, "READ_CONN_TBL" },
63 { 0x0c, "READ_PROC_TBL" },
64 { 0x0d, "READ_CONN_ATTR" },
65 { 0x0e, "READ_MEMORY" },
66 { 0x0f, "READ_REQ_BLK" },
67 { 0x10, "ACT_STATISTIC" },
68 { 0x11, "DEACT_STATISTIC" },
69 { 0x12, "READ_STATISTIC" },
70 { 0x13, "RESET_STATISTIC" },
71 { 0x14, "READ_PARAMETER" },
72 { 0x19, "DUMP_NIBUFFER" },
73 { 0x20, "RESET_NIBUFFER" },
74 { 0x21, "ACT_EXTPGM_TRACE" },
75 { 0x22, "DEACT_EXTPGM_TRACE" },
76 { 0x23, "ACT_CONN_TRACE" },
77 { 0x24, "DEACT_CONN_TRACE" },
78 { 0x25, "RESET_TRACE" },
79 { 0x26, "SUICIDE" },
80 { 0x27, "READ_SEC_INFO2" },
81 { 0x28, "CANCEL_REG_TP" },
82 { 0x29, "DUMP" },
83 { 0x2a, "READ_GWSYS_TBL2" },
84 { 0x2b, "CHANGE_PARAMETER" },
85 { 0x2c, "GET_CONN_PARTNER" },
86 { 0x2d, "DELETE_CLIENT" },
87 { 0x2e, "DELETE_REMGW" },
88 { 0x2f, "DISCONNECT" },
89 { 0x30, "ENABLE_RESTART" },
90 { 0x31, "DISABLE_RESTART" },
91 { 0x32, "NI_TRACE" },
92 { 0x33, "CLI_INFO" },
93 { 0x34, "GW_INFO" },
94 { 0x35, "CONVID_INFO" },
95 { 0x36, "GET_NO_REG_TP" },
96 { 0x37, "CV_INFO" },
97 { 0x38, "SO_KEEPALIVE" },
98 { 0x39, "READ_CONN_TBL2" },
99 { 0x40, "READ_GWSYS_TBL3" },
100 { 0x41, "RELOAD_ACL" },
101 /* NULL */
102 { 0x00, NULL }
105 /* SAP RFC APPC Header Request Type field values */
106 static const value_string saprfc_header_reqtype_values[] = {
107 { 0x00, "F_NO_REQUEST" },
108 { 0x01, "F_INITIALIZE_CONVERSATION" },
109 { 0x03, "F_ACCEPT_CONVERSATION" },
110 { 0x05, "F_ALLOCATE" },
111 { 0x07, "F_SEND_DATA" },
112 { 0x08, "F_ASEND_DATA" },
113 { 0x09, "F_RECEIVE" },
114 { 0x0a, "F_ARECEIVE" },
115 { 0x0b, "F_DEALLOCATE" },
116 { 0x0d, "F_SET_TP_NAME" },
117 { 0x0f, "F_SET_PARTNER_LU_NAME" },
118 { 0x11, "F_SET_SECURITY_PASSWORD" },
119 { 0x13, "F_SET_SECURITY_USER_ID" },
120 { 0x15, "F_SET_SECURITY_TYPE" },
121 { 0x17, "F_SET_CONVERSATION_TYPE" },
122 { 0x19, "F_EXTRACT_TP_NAME" },
123 { 0x1b, "F_FLUSH" },
124 { 0xc9, "F_SAP_ALLOCATE" },
125 { 0xca, "F_SAP_INIT" },
126 { 0xcb, "F_SAP_SEND" },
127 { 0xcc, "F_ASAP_SEND" },
128 { 0xcd, "F_SAP_SYNC" },
129 { 0xce, "F_SAP_PING" },
130 { 0xcf, "F_SAP_REGTP" },
131 { 0xd0, "F_SAP_UNREGTP" },
132 { 0xd1, "F_SAP_ACCPTP" },
133 { 0xd2, "F_SAP_UNACCPTP" },
134 { 0xd3, "F_SAP_CANCTP" },
135 { 0xd4, "F_SAP_SET_UID" },
136 { 0xd5, "F_SAP_CANCEL" },
137 { 0xd6, "F_SAP_CANCELED" },
138 /* NULL */
139 { 0x00, NULL }
143 /* SAP RFC APPC Header Protocol field values */
144 static const value_string saprfc_header_protocol_values[] = {
145 { 0x00, "R2PR" },
146 { 0x01, "INT" },
147 { 0x02, "EXT" },
148 { 0x03, "CPIC" },
149 { 0x05, "NE" },
150 { 0x06, "REG" },
151 { 0x42, "CPIC" },
152 { 0x44, "EXT" },
153 { 0x45, "NE" },
154 { 0x48, "INT" },
155 { 0x61, "REG" },
156 /* NULL */
157 { 0x00, NULL }
160 /* SAP RFC APPC Header APPC Return Code field values */
161 static const value_string saprfc_header_appc_rc_values[] = {
162 { 0x00, "CM_OK" },
163 { 0x01, "CM_ALLOCATE_FAILURE_NO_RETRY" },
164 { 0x02, "CM_ALLOCATE_FAILURE_RETRY" },
165 { 0x03, "CM_CONVERSATION_TYPE_MISMATCH" },
166 { 0x06, "CM_SECURITY_NOT_VALID" },
167 { 0x08, "CM_SYNC_LVL_NOT_SUPPORTED_PGM" },
168 { 0x09, "CM_TPN_NOT_RECOGNIZED" },
169 { 0x0a, "CM_TP_NOT_AVAILABLE_NO_RETRY" },
170 { 0x0b, "CM_TP_NOT_AVAILABLE_RETRY" },
171 { 0x11, "CM_DEALLOCATED_ABEND" },
172 { 0x12, "CM_DEALLOCATED_NORMAL" },
173 { 0x13, "CM_PARAMETER_ERROR" },
174 { 0x14, "CM_PRODUCT_SPECIFIC_ERROR" },
175 { 0x15, "CM_PROGRAM_ERROR_NO_TRUNC" },
176 { 0x16, "CM_PROGRAM_ERROR_PURGING" },
177 { 0x17, "CM_PROGRAM_ERROR_TRUNC" },
178 { 0x18, "CM_PROGRAM_PARAMETER_CHECK" },
179 { 0x19, "CM_PROGRAM_STATE_CHECK" },
180 { 0x1a, "CM_RESOURCE_FAILURE_NO_RETRY" },
181 { 0x1b, "CM_RESOURCE_FAILURE_RETRY" },
182 { 0x1c, "CM_UNSUCCESSFUL" },
183 { 0x23, "CM_OPERATION_INCOMPLETE" },
184 { 0x24, "CM_SYSTEM_EVENT" },
185 { 0x2711, "CM_SAP_TIMEOUT_RETRY" },
186 { 0x2712, "CM_CANCEL_REQUEST" },
187 /* NULL */
188 { 0x00, NULL }
191 /* SAP RFC APPC Header MCPIC Parameters Client Info values */
192 static const value_string saprfc_header_ncpic_parameters_client_info_values[] = {
193 { 0x00, "GW_NO_CLIENT_INFO" },
194 { 0x01, "GW_EXTERNAL_CLIENT" },
195 { 0x02, "GW_R3_CLIENT" },
196 /* NULL */
197 { 0x00, NULL }
200 /* ABAP/4 data types, taken from RFC SDK's saprfc.h */
201 #define TYPC 0
202 #define TYPDATE 1
203 #define TYPP 2
204 #define TYPTIME 3
205 #define TYPX 4
206 #define TYPTABH 5
207 #define TYPNUM 6
208 #define TYPFLOAT 7
209 #define TYPINT 8
210 #define TYPINT2 9
211 #define TYPINT1 10
212 /* TYPW = 11 */
213 #define TYP1 12
214 #define TYP2 13
215 #define TYPDECF16 23 /* IEEE 754r decimal floating point 8 bytes */
216 #define TYPDECF34 24 /* IEEE 754r decimal floating point 16 bytes */
218 static const value_string abap_types_typename_values[] = {
219 { TYPC, "CHAR" },
220 { TYPDATE, "DATS" },
221 { TYPP, "BCD" },
222 { TYPTIME, "TIMS" },
223 { TYPX, "RAW" },
224 { TYPTABH, "ITAB" },
225 { TYPNUM, "NUMC" },
226 { TYPFLOAT, "FLTP" },
227 { TYPINT, "INT" },
228 { TYPINT2, "INT2" },
229 { TYPINT1, "INT1" },
230 { TYP1, "DATE_1" },
231 { TYP2, "DATE_2" },
232 { TYPDECF16, "DECF16" },
233 { TYPDECF34, "DECF34" },
234 /* NULL */
235 { 0x00, NULL }
238 /* SAP RFC Accept Info Flag values */
239 #define SAPRFC_ACCEPT_INFO_EINFO 0x01
240 #define SAPRFC_ACCEPT_INFO_PING 0x02
241 #define SAPRFC_ACCEPT_INFO_SNC 0x04
242 #define SAPRFC_ACCEPT_INFO_CONN_EINFO 0x08
243 #define SAPRFC_ACCEPT_INFO_CODE_PAGE 0x10
244 #define SAPRFC_ACCEPT_INFO_NIPING 0x20
245 #define SAPRFC_ACCEPT_INFO_EXTINITOPT 0x40
246 #define SAPRFC_ACCEPT_INFO_GW_ACCEPT_DIST_TRACE 0x80
248 /* SAP RFC APPC Header Info Flags values */
249 #define SAPRFC_APPCHDR_INFO1_SYNC_CPIC_FUNCTION 0x01
250 #define SAPRFC_APPCHDR_INFO1_WITH_HOSTADDR 0x02
251 #define SAPRFC_APPCHDR_INFO1_WITH_GW_SAP_PARAMS_HDR 0x04
252 #define SAPRFC_APPCHDR_INFO1_CPIC_SYNC_REQ 0x08
253 #define SAPRFC_APPCHDR_INFO1_WITH_ERR_INFO 0x10
254 #define SAPRFC_APPCHDR_INFO1_DATA_WITH_TERM_OUTPUT 0x20
255 #define SAPRFC_APPCHDR_INFO1_DATA_WITH_TERM_INPUT 0x40
256 #define SAPRFC_APPCHDR_INFO1_R3_CPIC_LOGIN_WITH_TERM 0x80
258 #define SAPRFC_APPCHDR_INFO2_WITH_LONG_LU_NAME 0x01
259 #define SAPRFC_APPCHDR_INFO2_WITH_LONG_HOSTADDR 0x02
260 #define SAPRFC_APPCHDR_INFO2_GW_IMMEDIATE 0x04
261 #define SAPRFC_APPCHDR_INFO2_GW_SNC_ACTIVE 0x08
262 #define SAPRFC_APPCHDR_INFO2_GW_WAIT_LOOK_UP 0x10
263 #define SAPRFC_APPCHDR_INFO2_SNC_INIT_PHASE 0x20
264 #define SAPRFC_APPCHDR_INFO2_GW_STATELESS 0x40
265 #define SAPRFC_APPCHDR_INFO2_GW_NO_STATE_CHECK 0x80
267 #define SAPRFC_APPCHDR_INFO3_GW_WITH_CODE_PAGE 0x01
268 #define SAPRFC_APPCHDR_INFO3_GW_ASYNC_RFC 0x02
269 #define SAPRFC_APPCHDR_INFO3_GW_CANCEL_HARD 0x04
270 #define SAPRFC_APPCHDR_INFO3_GW_CANCEL_SOFT 0x08
271 #define SAPRFC_APPCHDR_INFO3_GW_WITH_GUI_TIMEOUT 0x10
272 #define SAPRFC_APPCHDR_INFO3_GW_TERMIO_ERROR 0x20
273 #define SAPRFC_APPCHDR_INFO3_GW_EXTENDED_INIT_OPTIONS 0x40
274 #define SAPRFC_APPCHDR_INFO3_GW_DIST_TRACE 0x80
276 #define SAPRFC_APPCHDR_INFO4_GW_WITH_DBG_CTL 0x01
278 /* SAP RFC APPC Header Request Type 2 Flags values */
279 #define SAPRFC_APPCHDR_REQTYPE2_F_V_INITIALIZE_CONVERSATION 0x01
280 #define SAPRFC_APPCHDR_REQTYPE2_F_V_ALLOCATE 0x02
281 #define SAPRFC_APPCHDR_REQTYPE2_F_V_SEND_DATA 0x04
282 #define SAPRFC_APPCHDR_REQTYPE2_F_V_RECEIVE 0x08
283 #define SAPRFC_APPCHDR_REQTYPE2_F_V_FLUSH 0x10
286 static int proto_saprfc;
288 static int hf_saprfc_version;
289 static int hf_saprfc_reqtype;
290 static int hf_saprfc_address;
291 static int hf_saprfc_service;
292 static int hf_saprfc_codepage;
293 static int hf_saprfc_lu;
294 static int hf_saprfc_tp;
295 static int hf_saprfc_conversation_id;
296 static int hf_saprfc_appc_header_version;
297 static int hf_saprfc_accept_info; /* (EINFO PING CONN_EINFO EXTINITOPT GW_ACCEPT_DIST_TRACE (0xCB)) */
298 static int hf_saprfc_accept_info_EINFO;
299 static int hf_saprfc_accept_info_PING;
300 static int hf_saprfc_accept_info_SNC;
301 static int hf_saprfc_accept_info_CONN_EINFO;
302 static int hf_saprfc_accept_info_CODE_PAGE;
303 static int hf_saprfc_accept_info_NIPING;
304 static int hf_saprfc_accept_info_EXTINITOPT;
305 static int hf_saprfc_accept_info_GW_ACCEPT_DIST_TRACE;
306 static int hf_saprfc_idx;
307 static int hf_saprfc_address6;
308 static int hf_saprfc_rc;
309 static int hf_saprfc_echo_data;
310 static int hf_saprfc_filler;
312 static int hf_saprfc_monitor_cmd;
314 static int hf_saprfc_header;
315 static int hf_saprfc_header_version;
316 static int hf_saprfc_header_reqtype;
317 static int hf_saprfc_header_protocol;
318 static int hf_saprfc_header_mode;
319 static int hf_saprfc_header_uid;
320 static int hf_saprfc_header_gw_id;
321 static int hf_saprfc_header_err_len;
322 static int hf_saprfc_header_info2;
323 static int hf_saprfc_header_info2_WITH_LONG_LU_NAME;
324 static int hf_saprfc_header_info2_WITH_LONG_HOSTADDR;
325 static int hf_saprfc_header_info2_GW_IMMEDIATE;
326 static int hf_saprfc_header_info2_GW_SNC_ACTIVE;
327 static int hf_saprfc_header_info2_GW_WAIT_LOOK_UP;
328 static int hf_saprfc_header_info2_SNC_INIT_PHASE;
329 static int hf_saprfc_header_info2_GW_STATELESS;
330 static int hf_saprfc_header_info2_GW_NO_STATE_CHECK;
331 static int hf_saprfc_header_trace_level;
332 static int hf_saprfc_header_time;
333 static int hf_saprfc_header_info3;
334 static int hf_saprfc_header_info3_GW_WITH_CODE_PAGE;
335 static int hf_saprfc_header_info3_GW_ASYNC_RFC;
336 static int hf_saprfc_header_info3_GW_CANCEL_HARD;
337 static int hf_saprfc_header_info3_GW_CANCEL_SOFT;
338 static int hf_saprfc_header_info3_GW_WITH_GUI_TIMEOUT;
339 static int hf_saprfc_header_info3_GW_TERMIO_ERROR;
340 static int hf_saprfc_header_info3_GW_EXTENDED_INIT_OPTIONS;
341 static int hf_saprfc_header_info3_GW_DIST_TRACE;
342 static int hf_saprfc_header_timeout;
343 static int hf_saprfc_header_info4;
344 static int hf_saprfc_header_info4_GW_WITH_DBG_CTL;
345 static int hf_saprfc_header_sequence_no;
346 static int hf_saprfc_header_sap_params_len;
347 static int hf_saprfc_header_info;
348 static int hf_saprfc_header_info_SYNC_CPIC_FUNCTION;
349 static int hf_saprfc_header_info_WITH_HOSTADDR;
350 static int hf_saprfc_header_info_WITH_GW_SAP_PARAMS_HDR;
351 static int hf_saprfc_header_info_CPIC_SYNC_REQ;
352 static int hf_saprfc_header_info_WITH_ERR_INFO;
353 static int hf_saprfc_header_info_DATA_WITH_TERM_OUTPUT;
354 static int hf_saprfc_header_info_DATA_WITH_TERM_INPUT;
355 static int hf_saprfc_header_info_R3_CPIC_LOGIN_WITH_TERM;
356 static int hf_saprfc_header_reqtype2;
357 static int hf_saprfc_header_reqtype2_F_V_INITIALIZE_CONVERSATION;
358 static int hf_saprfc_header_reqtype2_F_V_ALLOCATE;
359 static int hf_saprfc_header_reqtype2_F_V_SEND_DATA;
360 static int hf_saprfc_header_reqtype2_F_V_RECEIVE;
361 static int hf_saprfc_header_reqtype2_F_V_FLUSH;
362 static int hf_saprfc_header_appc_rc;
363 static int hf_saprfc_header_sap_rc; /* TODO: Add SAP Return values */
364 static int hf_saprfc_header_conversation_id;
365 static int hf_saprfc_header_ncpic_parameters;
366 static int hf_saprfc_header_ncpic_parameters_sdest;
367 static int hf_saprfc_header_ncpic_parameters_lu;
368 static int hf_saprfc_header_ncpic_parameters_tp;
369 static int hf_saprfc_header_ncpic_parameters_ctype;
370 static int hf_saprfc_header_ncpic_parameters_client_info;
371 static int hf_saprfc_header_ncpic_parameters_lu_name;
372 static int hf_saprfc_header_ncpic_parameters_lu_name_length;
373 static int hf_saprfc_header_ncpic_parameters_host_address;
374 static int hf_saprfc_header_ncpic_parameters_security_password;
375 static int hf_saprfc_header_ncpic_parameters_security_password_length;
377 static int hf_saprfc_header_comm_idx;
378 static int hf_saprfc_header_conn_idx;
380 static int hf_saprfc_item;
381 static int hf_saprfc_item_id1;
382 static int hf_saprfc_item_id2;
383 static int hf_saprfc_item_length;
384 static int hf_saprfc_item_value;
386 static int hf_saprfc_table;
387 static int hf_saprfc_table_structure;
388 static int hf_saprfc_table_structure_field;
389 static int hf_saprfc_table_structure_field_type;
390 static int hf_saprfc_table_structure_field_length;
391 static int hf_saprfc_table_row;
392 static int hf_saprfc_table_row_field;
393 static int hf_saprfc_table_length;
394 static int hf_saprfc_table_compress_header;
395 static int hf_saprfc_table_uncomplength;
396 static int hf_saprfc_table_algorithm;
397 static int hf_saprfc_table_magic;
398 static int hf_saprfc_table_special;
399 static int hf_saprfc_table_return_code;
400 static int hf_saprfc_table_content;
402 static int hf_saprfc_payload;
405 /* TODO: Add CPIC error codes (https://launchpad.support.sap.com/#/notes/63347) */
406 /* TODO: Add RFC logon error codes (https://launchpad.support.sap.com/#/notes/320991) */
408 static int ett_saprfc;
410 /* Expert info */
411 #if 0
412 static expert_field ei_saprfc_invalid_table_structure_length;
413 static expert_field ei_saprfc_invalid_table_content_length;
414 static expert_field ei_saprfc_mismatching_table_row_width;
415 #endif
416 static expert_field ei_saprfc_item_length_invalid;
417 static expert_field ei_saprfc_unknown_item;
420 /* Global table reassembling preference */
421 static bool global_saprfc_table_reassembly = true;
423 /* Global highlight preference */
424 static bool global_saprfc_highlight_items = true;
426 /* Protocol handles for both external and internal dissectors */
427 static dissector_handle_t saprfc_handle;
428 static dissector_handle_t saprfcinternal_handle;
430 /* Keeps track of table content items */
431 uint32_t global_saprfc_table_content_counter = 0;
434 void proto_register_saprfc(void);
435 void proto_reg_handoff_saprfc(void);
438 static void
439 dissect_saprfc_tables_compressed(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, tvbuff_t *structure_tvb _U_, uint32_t structure_offset _U_, uint32_t structure_length _U_, uint32_t row_width _U_, uint32_t row_count _U_){
441 uint32_t reported_length = 0, offset = 0;
443 proto_item *compression_header = NULL;
444 proto_tree *compression_header_tree = NULL;
446 /* Skip the first 8 bytes */
447 offset = 8;
449 /* Add the compression header subtree */
450 compression_header = proto_tree_add_item(tree, hf_saprfc_table_compress_header, tvb, offset, 8, ENC_NA);
451 compression_header_tree = proto_item_add_subtree(compression_header, ett_saprfc);
453 /* Add the uncompressed length */
454 reported_length = tvb_get_letohl(tvb, offset);
455 proto_tree_add_uint(compression_header_tree, hf_saprfc_table_uncomplength, tvb, offset, 4, reported_length);
456 offset += 4;
457 proto_item_append_text(compression_header, ", Uncompressed Len: %u", reported_length);
459 /* Add the algorithm */
460 proto_tree_add_item(compression_header_tree, hf_saprfc_table_algorithm, tvb, offset, 1, ENC_BIG_ENDIAN);
461 offset++;
462 /* Add the magic bytes */
463 proto_tree_add_item(compression_header_tree, hf_saprfc_table_magic, tvb, offset, 2, ENC_BIG_ENDIAN);
464 offset += 2;
465 /* Add the max bits */
466 proto_tree_add_item(compression_header_tree, hf_saprfc_table_special, tvb, offset, 1, ENC_BIG_ENDIAN);
467 offset++;
469 /* TODO: Decompression is not yet enabled until the LZC/LZH library is added
470 * Here we just add the payload subtree
472 proto_tree_add_item(tree, hf_saprfc_table_content, tvb, offset, -1, ENC_NA);
474 /* TODO: Dissect saprfc_payload */
477 static void
478 dissect_saprfc_tables(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, uint32_t offset, uint16_t item_length){
480 uint8_t *reassemble_buffer = NULL, *table_name = NULL;
481 uint16_t next_item = 0;
482 uint32_t reassemble_length = 0, reassemble_offset = 0, row_width = 0, row_count = 0, initial_offset = 0;
484 proto_item *table = NULL;
485 proto_tree *table_tree = NULL;
486 tvbuff_t *compressed_tvb = NULL;
488 uint32_t structure_offset = offset;
489 uint32_t structure_length = item_length;
491 /* Skip table line structure */
492 offset += item_length + 2;
494 next_item = tvb_get_ntohs(tvb, offset);
495 offset+=2;
496 if (next_item != 0x0301){
497 return;
500 item_length = tvb_get_ntohs(tvb, offset);
501 offset += 2;
502 table_name = tvb_get_string_enc(pinfo->pool, tvb, offset, item_length, ENC_ASCII);
503 offset += item_length;
504 offset += 2;
506 next_item = tvb_get_ntohs(tvb, offset);
507 offset += 2;
508 if (next_item != 0x0302){
509 return;
512 item_length = tvb_get_ntohs(tvb, offset);
513 offset += 2;
514 row_width = tvb_get_ntohl(tvb, offset);
515 offset += 4;
516 row_count = tvb_get_ntohl(tvb, offset);
517 offset += 4;
518 offset += (item_length - 8) + 2;
520 next_item = tvb_get_ntohs(tvb, offset);
521 offset += 2;
522 if (next_item != 0x0305){
523 return;
526 item_length = tvb_get_ntohs(tvb, offset);
527 offset += 2;
529 /* Get the reassemble length */
530 initial_offset = offset;
531 reassemble_length = tvb_get_ntohl(tvb, offset + 4);
532 if (item_length > (reassemble_length - reassemble_offset)){
533 item_length = reassemble_length - reassemble_offset;
536 /* Allocate the buffer only in the scope of current packet */
537 reassemble_buffer = (uint8_t *)wmem_alloc(pinfo->pool, reassemble_length);
538 if (!reassemble_buffer){
539 return;
542 /* Perform the reassemble */
543 while (tvb_offset_exists(tvb, offset + item_length) && (reassemble_offset <= reassemble_length)){
544 tvb_memcpy(tvb, reassemble_buffer + reassemble_offset, offset, item_length);
545 offset += item_length + 2;
546 reassemble_offset += item_length;
548 /* If the table content continues, get the length and advance the offset */
549 next_item = tvb_get_ntohs(tvb, offset);
550 offset+=2;
551 if (next_item == 0x0305){
552 item_length = tvb_get_ntohs(tvb, offset);
553 offset+=2;
555 if (item_length > (reassemble_length - reassemble_offset)){
556 item_length = reassemble_length - reassemble_offset;
559 /* If the table content doesn't continue, we've completed */
560 } else {
561 break;
565 /* Now re-setup the tvb buffer to have the new data */
566 compressed_tvb = tvb_new_real_data(reassemble_buffer, reassemble_length, reassemble_offset);
567 tvb_set_child_real_data_tvbuff(tvb, compressed_tvb);
568 add_new_data_source(pinfo, compressed_tvb, "Compressed Table Data");
570 /* Add the Table subtree */
571 table = proto_tree_add_item(tree, hf_saprfc_table, tvb, initial_offset, offset - initial_offset, ENC_NA);
572 table_tree = proto_item_add_subtree(table, ett_saprfc);
574 proto_item_append_text(table, ", Name=%s", table_name);
576 /* Now uncompress the table content */
577 dissect_saprfc_tables_compressed(compressed_tvb, pinfo, table_tree, tvb, structure_offset, structure_length, row_width, row_count);
581 static void
582 dissect_saprfc_item(tvbuff_t *tvb, packet_info *pinfo, proto_item *item, proto_tree *item_value_tree, uint32_t offset, uint8_t item_id1, uint8_t item_id2, uint16_t item_length){
584 if (item_id1==0x01 && item_id2==0x02){
585 int8_t *value_str = tvb_get_string_enc(pinfo->pool, tvb, offset, item_length, ENC_ASCII);
586 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, item_length, "Function Name: %s", value_str);
587 proto_item_append_text(item, ", Function Name=%s", value_str);
589 } else if (item_id1==0x02 && item_id2==0x01){
590 int8_t *value_str = tvb_get_string_enc(pinfo->pool, tvb, offset, item_length, ENC_ASCII);
591 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, item_length, "Import Parameter Name: %s", value_str);
592 proto_item_append_text(item, ", Import Parameter Name=%s", value_str);
594 } else if (item_id1==0x02 && item_id2==0x05){
595 int8_t *value_str = tvb_get_string_enc(pinfo->pool, tvb, offset, item_length, ENC_ASCII);
596 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, item_length, "Export Parameter Name: %s", value_str);
597 proto_item_append_text(item, ", Export Parameter Name=%s", value_str);
599 } else if (item_id1==0x02 && item_id2==0x13){
600 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, item_length, "Type Structure A");
602 } else if (item_id1==0x03 && item_id2==0x01){
603 int8_t *value_str = tvb_get_string_enc(pinfo->pool, tvb, offset, item_length, ENC_ASCII);
604 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, item_length, "Table Name: %s", value_str);
605 proto_item_append_text(item, ", Table Name=%s", value_str);
607 } else if (item_id1==0x03 && item_id2==0x02){
608 uint32_t value_uint32;
610 if (item_length != 8) {
611 expert_add_info_format(pinfo, item_value_tree, &ei_saprfc_item_length_invalid, "Table Info length is invalid");
613 value_uint32 = tvb_get_ntohl(tvb, offset);
614 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, 4, "Row Width: %d", value_uint32);
615 proto_item_append_text(item, ", Row Width=%d", value_uint32);
616 offset+=4;
617 value_uint32 = tvb_get_ntohl(tvb, offset);
618 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, 4, "Total Row Count: %d", value_uint32);
619 proto_item_append_text(item, ", Total Row Count=%d", value_uint32);
621 } else if (item_id1==0x03 && item_id2==0x05){
622 global_saprfc_table_content_counter+= 1;
623 if (global_saprfc_table_content_counter==1){
624 offset += 4; /* Skip the first 4 bytes */
625 proto_tree_add_item(item_value_tree, hf_saprfc_table_length, tvb, offset, 4, ENC_BIG_ENDIAN);
626 offset += 4;
629 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, item_length, "Table Content LZ");
631 if (global_saprfc_table_content_counter==1){
632 proto_item_append_text(item, ", Table Content LZ (first)");
633 } else {
634 proto_item_append_text(item, ", Table Content LZ");
637 } else if (item_id1==0x03 && item_id2==0x06){
638 global_saprfc_table_content_counter = 0;
639 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, item_length, "Table Content End");
640 proto_item_append_text(item, ", Table Content End");
642 } else if (item_id1==0x01 && item_id2==0x36){
643 int8_t *value_str;
644 uint8_t value_uint8;
645 uint32_t value_uint32;
647 value_uint8 = tvb_get_uint8(tvb, offset);
648 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, 1, "#: %u", value_uint8);
649 proto_item_append_text(item, ", #=%u", value_uint8);
650 offset+=1;
651 value_str = tvb_bytes_to_str(pinfo->pool, tvb, offset, 16);
652 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, 16, "Root-id: %s", value_str);
653 proto_item_append_text(item, ", Root-id=%s", value_str);
654 offset+=16;
655 value_str = tvb_bytes_to_str(pinfo->pool, tvb, offset, 16);
656 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, 16, "Coon-id: %s", value_str);
657 proto_item_append_text(item, ", Coon-id=%s", value_str);
658 offset+=16;
659 value_uint32 = tvb_get_ntohl(tvb, offset);
660 proto_tree_add_none_format(item_value_tree, hf_saprfc_item_value, tvb, offset, 4, "#: %d", value_uint32);
661 proto_item_append_text(item, ", #=%u", value_uint32);
663 } else if (item_id1==0xFF && item_id2==0xFF){
664 proto_item_append_text(item, ", End of RFC message");
666 } else {
667 /* If the preference is set, report the item as unknown in the expert info */
668 if (global_saprfc_highlight_items){
669 expert_add_info_format(pinfo, item, &ei_saprfc_unknown_item, "The RFC item has a unknown type that is not dissected (%u %u)", item_id1, item_id2);
674 static void
675 dissect_saprfc_payload(tvbuff_t *tvb, packet_info *info, proto_tree *tree, proto_tree *parent_tree, uint32_t offset){
677 uint8_t item_id1, item_id2;
678 uint16_t item_length, item_value_length;
680 proto_item *item = NULL, *item_value = NULL;
681 proto_tree *item_tree = NULL, *item_value_tree = NULL;
683 while (tvb_offset_exists(tvb, offset)){
684 item_length = 0;
686 /* Add the item subtree. We start with a item's length of 1, as we don't have yet the real size of the item */
687 item = proto_tree_add_item(tree, hf_saprfc_item, tvb, offset, 1, ENC_NA);
688 item_tree = proto_item_add_subtree(item, ett_saprfc);
690 /* Get the first identifier */
691 item_id1 = tvb_get_uint8(tvb, offset);
692 proto_tree_add_item(item_tree, hf_saprfc_item_id1, tvb, offset, 1, ENC_BIG_ENDIAN);
693 offset += 1;
694 item_length += 1;
695 proto_item_append_text(item, ": (0x%.2x)", item_id1);
697 /* Check if it's an End of message */
698 if (item_id1==0x0c){
699 break; /* ? */
701 /* Otherwise follow dissection */
702 } else {
704 item_id2 = tvb_get_uint8(tvb, offset);
705 proto_tree_add_item(item_tree, hf_saprfc_item_id2, tvb, offset, 1, ENC_BIG_ENDIAN);
706 offset += 1;
707 item_length += 1;
708 proto_item_append_text(item, ", (0x%.2x)", item_id2);
710 item_value_length = tvb_get_ntohs(tvb, offset);
711 proto_tree_add_item(item_tree, hf_saprfc_item_length, tvb, offset, 2, ENC_BIG_ENDIAN);
712 offset += 2;
713 item_length += 2;
714 proto_item_append_text(item, ", Length=%d", item_value_length);
717 /* Now we have the real length of the item, set the proper size */
718 item_length += item_value_length;
719 proto_item_set_len(item, item_length);
721 item_value = proto_tree_add_item(item_tree, hf_saprfc_item_value, tvb, offset, item_value_length, ENC_NA);
722 item_value_tree = proto_item_add_subtree(item_value, ett_saprfc);
723 dissect_saprfc_item(tvb, info, item, item_value_tree, offset, item_id1, item_id2, item_value_length);
725 /* Also send the tables items for reassembling */
726 if (global_saprfc_table_reassembly && item_id1==0x02 && item_id2==0x13){
727 dissect_saprfc_tables(tvb, info, parent_tree, offset, item_value_length);
730 offset+= item_value_length;
732 /* ID1 and ID2 are repeated as closing markers */
733 offset+= 2;
735 /* 0xFF 0xFF marks end of RFC message */
736 if (item_id1==0xFF && item_id2==0xFF){
737 break;
744 static void
745 dissect_saprfc_monitor_cmd(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, uint8_t version _U_, uint32_t offset){
746 uint8_t opcode;
748 opcode = tvb_get_uint8(tvb, offset);
749 col_append_fstr(pinfo->cinfo, COL_INFO, ", Command=%s", val_to_str_const(opcode, saprfc_monitor_cmd_values, "Unknown"));
751 proto_tree_add_item(tree, hf_saprfc_monitor_cmd, tvb, offset, 1, ENC_BIG_ENDIAN);
752 //offset+=1;
753 proto_item_append_text(tree, ", Command=%s", val_to_str_const(opcode, saprfc_monitor_cmd_values, "Unknown"));
755 switch (opcode){
756 // TODO: Dissect RFC monitor command opcodes
762 static void
763 dissect_saprfc_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, uint32_t offset){
764 uint8_t version = 0, reqtype = 0;
765 proto_item *header = NULL, *info = NULL, *info2 = NULL, *info3 = NULL, *info4 = NULL, *reqtype2 = NULL, *params = NULL;
766 proto_tree *header_tree = NULL, *info_tree = NULL, *info2_tree = NULL, *info3_tree = NULL, *info4_tree = NULL, *reqtype2_tree = NULL, *params_tree;
768 version = tvb_get_uint8(tvb, offset);
769 reqtype = tvb_get_uint8(tvb, offset + 1);
771 col_append_fstr(pinfo->cinfo, COL_INFO, "APPC Version=%u, Request Type=%s", version, val_to_str_const(reqtype, saprfc_header_reqtype_values, "Unknown"));
773 /* Add the APPC header subtree */
774 header = proto_tree_add_item(tree, hf_saprfc_header, tvb, offset, 28, ENC_NA);
775 header_tree = proto_item_add_subtree(header, ett_saprfc);
777 proto_item_append_text(header, ", Version=%u, Request Type=%s", version, val_to_str_const(reqtype, saprfc_header_reqtype_values, "Unknown"));
779 proto_tree_add_item(header_tree, hf_saprfc_header_version, tvb, offset, 1, ENC_BIG_ENDIAN);
780 offset += 1;
781 proto_tree_add_item(header_tree, hf_saprfc_header_reqtype, tvb, offset, 1, ENC_BIG_ENDIAN);
782 offset += 1;
783 proto_tree_add_item(header_tree, hf_saprfc_header_protocol, tvb, offset, 1, ENC_BIG_ENDIAN);
784 offset += 1;
785 proto_tree_add_item(header_tree, hf_saprfc_header_mode, tvb, offset, 1, ENC_BIG_ENDIAN);
786 offset += 1;
787 proto_tree_add_item(header_tree, hf_saprfc_header_uid, tvb, offset, 2, ENC_BIG_ENDIAN);
788 offset += 2;
789 proto_tree_add_item(header_tree, hf_saprfc_header_gw_id, tvb, offset, 2, ENC_BIG_ENDIAN);
790 offset += 2;
791 proto_tree_add_item(header_tree, hf_saprfc_header_err_len, tvb, offset, 2, ENC_BIG_ENDIAN);
792 offset += 2;
794 info2 = proto_tree_add_item(header_tree, hf_saprfc_header_info2, tvb, offset, 1, ENC_BIG_ENDIAN);
795 info2_tree = proto_item_add_subtree(info2, ett_saprfc);
796 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_WITH_LONG_LU_NAME, tvb, offset, 1, ENC_BIG_ENDIAN);
797 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_WITH_LONG_HOSTADDR, tvb, offset, 1, ENC_BIG_ENDIAN);
798 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_GW_IMMEDIATE, tvb, offset, 1, ENC_BIG_ENDIAN);
799 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_GW_SNC_ACTIVE, tvb, offset, 1, ENC_BIG_ENDIAN);
800 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_GW_WAIT_LOOK_UP, tvb, offset, 1, ENC_BIG_ENDIAN);
801 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_SNC_INIT_PHASE, tvb, offset, 1, ENC_BIG_ENDIAN);
802 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_GW_STATELESS, tvb, offset, 1, ENC_BIG_ENDIAN);
803 proto_tree_add_item(info2_tree, hf_saprfc_header_info2_GW_NO_STATE_CHECK, tvb, offset, 1, ENC_BIG_ENDIAN);
804 offset += 1;
806 proto_tree_add_item(header_tree, hf_saprfc_header_trace_level, tvb, offset, 1, ENC_BIG_ENDIAN);
807 offset += 1;
808 proto_tree_add_item(header_tree, hf_saprfc_header_time, tvb, offset, 4, ENC_BIG_ENDIAN);
809 offset += 4;
811 info3 = proto_tree_add_item(header_tree, hf_saprfc_header_info3, tvb, offset, 1, ENC_BIG_ENDIAN);
812 info3_tree = proto_item_add_subtree(info3, ett_saprfc);
813 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_WITH_CODE_PAGE, tvb, offset, 1, ENC_BIG_ENDIAN);
814 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_ASYNC_RFC, tvb, offset, 1, ENC_BIG_ENDIAN);
815 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_CANCEL_HARD, tvb, offset, 1, ENC_BIG_ENDIAN);
816 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_CANCEL_SOFT, tvb, offset, 1, ENC_BIG_ENDIAN);
817 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_WITH_GUI_TIMEOUT, tvb, offset, 1, ENC_BIG_ENDIAN);
818 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_TERMIO_ERROR, tvb, offset, 1, ENC_BIG_ENDIAN);
819 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_EXTENDED_INIT_OPTIONS, tvb, offset, 1, ENC_BIG_ENDIAN);
820 proto_tree_add_item(info3_tree, hf_saprfc_header_info3_GW_DIST_TRACE, tvb, offset, 1, ENC_BIG_ENDIAN);
821 offset += 1;
823 proto_tree_add_item(header_tree, hf_saprfc_header_timeout, tvb, offset, 4, ENC_BIG_ENDIAN);
824 offset += 4;
826 info4 = proto_tree_add_item(header_tree, hf_saprfc_header_info4, tvb, offset, 1, ENC_BIG_ENDIAN);
827 info4_tree = proto_item_add_subtree(info4, ett_saprfc);
828 proto_tree_add_item(info4_tree, hf_saprfc_header_info4_GW_WITH_DBG_CTL, tvb, offset, 1, ENC_BIG_ENDIAN);
829 offset += 1;
831 proto_tree_add_item(header_tree, hf_saprfc_header_sequence_no, tvb, offset, 4, ENC_BIG_ENDIAN);
832 offset += 4;
833 proto_tree_add_item(header_tree, hf_saprfc_header_sap_params_len, tvb, offset, 2, ENC_BIG_ENDIAN);
834 offset += 2;
835 offset += 2; /* Skip 2 bytes here */
837 info = proto_tree_add_item(header_tree, hf_saprfc_header_info, tvb, offset, 1, ENC_BIG_ENDIAN);
838 info_tree = proto_item_add_subtree(info, ett_saprfc);
839 proto_tree_add_item(info_tree, hf_saprfc_header_info_SYNC_CPIC_FUNCTION, tvb, offset, 1, ENC_BIG_ENDIAN);
840 proto_tree_add_item(info_tree, hf_saprfc_header_info_WITH_HOSTADDR, tvb, offset, 1, ENC_BIG_ENDIAN);
841 proto_tree_add_item(info_tree, hf_saprfc_header_info_WITH_GW_SAP_PARAMS_HDR, tvb, offset, 1, ENC_BIG_ENDIAN);
842 proto_tree_add_item(info_tree, hf_saprfc_header_info_CPIC_SYNC_REQ, tvb, offset, 1, ENC_BIG_ENDIAN);
843 proto_tree_add_item(info_tree, hf_saprfc_header_info_WITH_ERR_INFO, tvb, offset, 1, ENC_BIG_ENDIAN);
844 proto_tree_add_item(info_tree, hf_saprfc_header_info_DATA_WITH_TERM_OUTPUT, tvb, offset, 1, ENC_BIG_ENDIAN);
845 proto_tree_add_item(info_tree, hf_saprfc_header_info_DATA_WITH_TERM_INPUT, tvb, offset, 1, ENC_BIG_ENDIAN);
846 proto_tree_add_item(info_tree, hf_saprfc_header_info_R3_CPIC_LOGIN_WITH_TERM, tvb, offset, 1, ENC_BIG_ENDIAN);
847 offset += 1;
849 reqtype2 = proto_tree_add_item(header_tree, hf_saprfc_header_reqtype2, tvb, offset, 1, ENC_BIG_ENDIAN);
850 reqtype2_tree = proto_item_add_subtree(reqtype2, ett_saprfc);
851 proto_tree_add_item(reqtype2_tree, hf_saprfc_header_reqtype2_F_V_INITIALIZE_CONVERSATION, tvb, offset, 1, ENC_BIG_ENDIAN);
852 proto_tree_add_item(reqtype2_tree, hf_saprfc_header_reqtype2_F_V_ALLOCATE, tvb, offset, 1, ENC_BIG_ENDIAN);
853 proto_tree_add_item(reqtype2_tree, hf_saprfc_header_reqtype2_F_V_SEND_DATA, tvb, offset, 1, ENC_BIG_ENDIAN);
854 proto_tree_add_item(reqtype2_tree, hf_saprfc_header_reqtype2_F_V_RECEIVE, tvb, offset, 1, ENC_BIG_ENDIAN);
855 proto_tree_add_item(reqtype2_tree, hf_saprfc_header_reqtype2_F_V_FLUSH, tvb, offset, 1, ENC_BIG_ENDIAN);
856 offset += 1;
858 proto_tree_add_item(header_tree, hf_saprfc_header_appc_rc, tvb, offset, 4, ENC_BIG_ENDIAN);
859 offset += 4;
860 proto_tree_add_item(header_tree, hf_saprfc_header_sap_rc, tvb, offset, 4, ENC_BIG_ENDIAN);
861 offset += 4;
862 proto_tree_add_item(header_tree, hf_saprfc_header_conversation_id, tvb, offset, 8, ENC_ASCII|ENC_NA);
863 offset += 8;
865 /* Dissect the NCPIC Parameters according to the request type */
866 params = proto_tree_add_item(header_tree, hf_saprfc_header_ncpic_parameters, tvb, offset, 28, ENC_NA);
867 params_tree = proto_item_add_subtree(params, ett_saprfc);
868 switch (reqtype){
869 case 0x01:{ /* F_INITIALIZE_CONVERSATION */
870 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_sdest, tvb, offset, 8, ENC_ASCII|ENC_NA);
871 offset += 8;
872 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_lu, tvb, offset, 8, ENC_ASCII|ENC_NA);
873 offset += 8;
874 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_tp, tvb, offset, 8, ENC_ASCII|ENC_NA);
875 offset += 8;
876 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_ctype, tvb, offset, 1, ENC_ASCII|ENC_NA);
877 offset += 1;
878 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_client_info, tvb, offset, 1, ENC_BIG_ENDIAN);
879 offset += 1;
880 offset += 2; /* Sum remaining bytes */
881 break;
883 case 0x0f:{ /* F_SET_PARTNER_LU_NAME */
884 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_lu_name, tvb, offset, 8, ENC_ASCII|ENC_NA);
885 offset += 8;
886 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_lu_name_length, tvb, offset, 4, ENC_BIG_ENDIAN);
887 offset += 4;
888 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_host_address, tvb, offset, 16, ENC_NA);
889 offset += 16;
890 break;
892 case 0x17:{ /* F_SET_SECURITY_TYPE */
893 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_security_password, tvb, offset, 8, ENC_ASCII|ENC_NA);
894 offset += 8;
895 proto_tree_add_item(params_tree, hf_saprfc_header_ncpic_parameters_security_password_length, tvb, offset, 4, ENC_BIG_ENDIAN);
896 offset += 4;
897 offset += 16; /* Sum remaining bytes */
898 break;
900 default:{
901 offset += 28;
905 proto_tree_add_item(header_tree, hf_saprfc_header_comm_idx, tvb, offset, 2, ENC_BIG_ENDIAN);
906 offset += 2;
907 proto_tree_add_item(header_tree, hf_saprfc_header_conn_idx, tvb, offset, 2, ENC_BIG_ENDIAN);
910 static int
911 dissect_saprfc_internal(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
913 uint32_t offset = 0;
914 proto_item *saprfc, *payload = NULL;
915 proto_tree *saprfc_tree, *payload_tree = NULL;
917 /* Add the main saprfc subtree */
918 saprfc = proto_tree_add_item(tree, proto_saprfc, tvb, 0, -1, ENC_NA);
919 saprfc_tree = proto_item_add_subtree(saprfc, ett_saprfc);
921 /* Check the payload length */
922 if (tvb_reported_length_remaining(tvb, offset) > 0) {
923 /* Add the payload subtree */
924 payload = proto_tree_add_item(saprfc_tree, hf_saprfc_payload, tvb, offset, -1, ENC_NA);
925 payload_tree = proto_item_add_subtree(payload, ett_saprfc);
927 /* Dissect the payload */
928 dissect_saprfc_payload(tvb, pinfo, payload_tree, saprfc_tree, offset);
931 return tvb_reported_length(tvb);
934 static int
935 dissect_saprfc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
937 uint32_t offset = 0;
938 uint8_t version = 0, req_type = 0;
939 proto_item *saprfc = NULL, *accept_info = NULL;
940 proto_tree *saprfc_tree = NULL, *accept_info_tree = NULL;
942 /* Add the protocol to the column */
943 col_set_str(pinfo->cinfo, COL_PROTOCOL, "SAPRFC");
944 /* Clear out stuff in the info column */
945 col_clear(pinfo->cinfo, COL_INFO);
947 /* Get version and request type values */
948 version = tvb_get_uint8(tvb, offset);
949 req_type = tvb_get_uint8(tvb, offset + 1);
951 /* Check if the message is valid or it is an APPC header */
952 /* TODO: We need to find a way of performing this check, as Wireshark is
953 * state-less seems to be difficult to keep track of the requests/responses.
955 if (version > 0x03){
956 /* Add the main saprfc subtree */
957 saprfc = proto_tree_add_item(tree, proto_saprfc, tvb, 0, -1, ENC_NA);
958 saprfc_tree = proto_item_add_subtree(saprfc, ett_saprfc);
959 dissect_saprfc_header(tvb, pinfo, saprfc_tree, offset);
960 return tvb_reported_length(tvb);
963 col_append_fstr(pinfo->cinfo, COL_INFO, "Version=%u, Request Type=%s", version, val_to_str_const(req_type, saprfc_reqtype_values, "Unknown"));
965 /* Add the main saprfc subtree */
966 saprfc = proto_tree_add_item(tree, proto_saprfc, tvb, 0, -1, ENC_NA);
967 saprfc_tree = proto_item_add_subtree(saprfc, ett_saprfc);
969 /* Dissect common fields */
970 proto_tree_add_item(saprfc_tree, hf_saprfc_version, tvb, offset, 1, ENC_BIG_ENDIAN); offset+=1;
971 proto_tree_add_item(saprfc_tree, hf_saprfc_reqtype, tvb, offset, 1, ENC_BIG_ENDIAN); offset+=1;
972 proto_item_append_text(saprfc_tree, ", Version=%u, Request Type=%s", version, val_to_str_const(req_type, saprfc_reqtype_values, "Unknown"));
974 /* Dissect the remaining based on the version and request type */
975 switch (req_type){
977 case 0x03: /* GW_NORMAL_CLIENT */
978 case 0x0b:{ /* GW_REGISTER_TP */
979 proto_tree_add_item(saprfc_tree, hf_saprfc_address, tvb, offset, 4, ENC_BIG_ENDIAN);
980 offset += 4;
981 offset += 4; /* Skip 4 bytes here */
982 proto_tree_add_item(saprfc_tree, hf_saprfc_service, tvb, offset, 10, ENC_ASCII|ENC_NA);
983 offset += 10;
984 proto_tree_add_item(saprfc_tree, hf_saprfc_codepage, tvb, offset, 4, ENC_ASCII|ENC_NA);
985 offset += 4;
986 offset += 6; /* Skip 6 bytes here */
987 proto_tree_add_item(saprfc_tree, hf_saprfc_lu, tvb, offset, 8, ENC_ASCII|ENC_NA);
988 offset += 8;
989 proto_tree_add_item(saprfc_tree, hf_saprfc_tp, tvb, offset, 8, ENC_ASCII|ENC_NA);
990 offset += 8;
991 proto_tree_add_item(saprfc_tree, hf_saprfc_conversation_id, tvb, offset, 8, ENC_ASCII|ENC_NA);
992 offset += 8;
993 proto_tree_add_item(saprfc_tree, hf_saprfc_appc_header_version, tvb, offset, 1, ENC_BIG_ENDIAN);
994 offset += 1;
996 accept_info = proto_tree_add_item(saprfc_tree, hf_saprfc_accept_info, tvb, offset, 1, ENC_BIG_ENDIAN);
997 accept_info_tree = proto_item_add_subtree(accept_info, ett_saprfc);
998 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_EINFO, tvb, offset, 1, ENC_BIG_ENDIAN);
999 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_PING, tvb, offset, 1, ENC_BIG_ENDIAN);
1000 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_SNC, tvb, offset, 1, ENC_BIG_ENDIAN);
1001 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_CONN_EINFO, tvb, offset, 1, ENC_BIG_ENDIAN);
1002 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_CODE_PAGE, tvb, offset, 1, ENC_BIG_ENDIAN);
1003 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_NIPING, tvb, offset, 1, ENC_BIG_ENDIAN);
1004 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_EXTINITOPT, tvb, offset, 1, ENC_BIG_ENDIAN);
1005 proto_tree_add_item(accept_info_tree, hf_saprfc_accept_info_GW_ACCEPT_DIST_TRACE, tvb, offset, 1, ENC_BIG_ENDIAN);
1006 offset += 1;
1008 proto_tree_add_item(saprfc_tree, hf_saprfc_idx, tvb, offset, 2, ENC_BIG_ENDIAN);
1009 offset += 2;
1011 if (version == 0x03){
1012 proto_tree_add_item(saprfc_tree, hf_saprfc_address6, tvb, offset, 16, ENC_NA);
1013 offset += 16;
1016 proto_tree_add_item(saprfc_tree, hf_saprfc_rc, tvb, offset, 4, ENC_BIG_ENDIAN);
1017 offset += 4;
1018 proto_tree_add_item(saprfc_tree, hf_saprfc_echo_data, tvb, offset, 1, ENC_BIG_ENDIAN);
1019 offset += 1;
1020 proto_tree_add_item(saprfc_tree, hf_saprfc_filler, tvb, offset, 1, ENC_BIG_ENDIAN);
1021 break;
1023 case 0x09:{ /* GW_SEND_CMD */
1024 dissect_saprfc_monitor_cmd(tvb, pinfo, saprfc_tree, version, 2);
1025 break;
1029 return tvb_reported_length(tvb);
1032 void
1033 proto_register_saprfc(void)
1035 static hf_register_info hf[] = {
1036 { &hf_saprfc_version,
1037 { "Version", "saprfc.version", FT_UINT8, BASE_DEC, NULL, 0x0, "SAP RFC Version", HFILL }},
1038 { &hf_saprfc_reqtype,
1039 { "Request Type", "saprfc.reqtype", FT_UINT8, BASE_HEX, VALS(saprfc_reqtype_values), 0x0, "SAP RFC Request Type", HFILL }},
1040 { &hf_saprfc_address,
1041 { "IPv4 Address", "saprfc.address", FT_IPv4, BASE_NONE, NULL, 0x0, "SAP RFC IPv4 Address", HFILL }},
1042 { &hf_saprfc_service,
1043 { "Service", "saprfc.service", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC Service", HFILL }},
1044 { &hf_saprfc_codepage,
1045 { "Codepage", "saprfc.codepage", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC Codepage", HFILL }},
1046 { &hf_saprfc_lu,
1047 { "LU", "saprfc.lu", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC LU", HFILL }},
1048 { &hf_saprfc_tp,
1049 { "TP", "saprfc.tp", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC TP", HFILL }},
1050 { &hf_saprfc_conversation_id,
1051 { "Conversation ID", "saprfc.conversation_id", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC Conversation ID", HFILL }},
1052 { &hf_saprfc_appc_header_version,
1053 { "APPC Header Version", "saprfc.appc_hd_version", FT_UINT8, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Version", HFILL }},
1054 { &hf_saprfc_accept_info,
1055 { "Accept Info Flags", "saprfc.accept_info", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC Accept Info Flags", HFILL }},
1056 { &hf_saprfc_accept_info_EINFO,
1057 { "Accept Info Flag EINFO", "saprfc.accept_info.EINFO", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_EINFO, "SAP RFC Accept Info Flag EINFO", HFILL }},
1058 { &hf_saprfc_accept_info_PING,
1059 { "Accept Info Flag PING", "saprfc.accept_info.PING", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_PING, "SAP RFC Accept Info Flag PING", HFILL }},
1060 { &hf_saprfc_accept_info_SNC,
1061 { "Accept Info Flag SNC", "saprfc.accept_info.SNC", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_SNC, "SAP RFC Accept Info Flag SNC", HFILL }},
1062 { &hf_saprfc_accept_info_CONN_EINFO,
1063 { "Accept Info Flag CONN_EINFO", "saprfc.accept_info.CONN_EINFO", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_CONN_EINFO, "SAP RFC Accept Info Flag CONN_EINFO", HFILL }},
1064 { &hf_saprfc_accept_info_CODE_PAGE,
1065 { "Accept Info Flag CODE_PAGE", "saprfc.accept_info.CODE_PAGE", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_CODE_PAGE, "SAP RFC Accept Info Flag CODE_PAGE", HFILL }},
1066 { &hf_saprfc_accept_info_NIPING,
1067 { "Accept Info Flag NIPING", "saprfc.accept_info.NIPING", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_NIPING, "SAP RFC Accept Info Flag NIPING", HFILL }},
1068 { &hf_saprfc_accept_info_EXTINITOPT,
1069 { "Accept Info Flag EXTINITOPT", "saprfc.accept_info.EXTINITOPT", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_EXTINITOPT, "SAP RFC Accept Info Flag EXTINITOPT", HFILL }},
1070 { &hf_saprfc_accept_info_GW_ACCEPT_DIST_TRACE,
1071 { "Accept Info Flag GW_ACCEPT_DIST_TRACE", "saprfc.accept_info.GW_ACCEPT_DIST_TRACE", FT_BOOLEAN, 8, NULL, SAPRFC_ACCEPT_INFO_GW_ACCEPT_DIST_TRACE, "SAP RFC Accept Info Flag GW_ACCEPT_DIST_TRACE", HFILL }},
1072 { &hf_saprfc_idx,
1073 { "Index", "saprfc.index", FT_INT16, BASE_DEC, NULL, 0x0, "SAP RFC Index", HFILL }},
1074 { &hf_saprfc_address6,
1075 { "IPv6 Address", "saprfc.address6", FT_IPv6, BASE_NONE, NULL, 0x0, "SAP RFC IPv6 Address", HFILL }},
1076 { &hf_saprfc_rc,
1077 { "Return Code", "saprfc.rc", FT_UINT32, BASE_DEC, NULL, 0x0, "SAP RFC Return Code", HFILL }},
1078 { &hf_saprfc_echo_data,
1079 { "Echo Data", "saprfc.echo_data", FT_UINT8, BASE_DEC, NULL, 0x0, "SAP RFC Echo Data", HFILL }},
1080 { &hf_saprfc_filler,
1081 { "Filler", "saprfc.filler", FT_UINT8, BASE_DEC, NULL, 0x0, "SAP RFC Echo Data", HFILL }},
1083 /* Monitor Commands*/
1084 { &hf_saprfc_monitor_cmd,
1085 { "Command", "saprfc.monitor_cmd", FT_UINT8, BASE_DEC, VALS(saprfc_monitor_cmd_values), 0x0, "SAP RFC Monitor Command", HFILL }},
1087 /* APPC Header */
1088 { &hf_saprfc_header,
1089 { "APPC Header", "saprfc.appcheader", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header", HFILL }},
1090 { &hf_saprfc_header_version,
1091 { "Version", "saprfc.appcheader.version", FT_UINT8, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Version", HFILL }},
1092 { &hf_saprfc_header_reqtype,
1093 { "Request Type", "saprfc.appcheader.reqtype", FT_UINT8, BASE_HEX, VALS(saprfc_header_reqtype_values), 0x0, "SAP RFC APPC Header Request Type", HFILL }},
1094 { &hf_saprfc_header_protocol,
1095 { "Protocol", "saprfc.appcheader.protocol", FT_UINT8, BASE_HEX, VALS(saprfc_header_protocol_values), 0x0, "SAP RFC APPC Header Protocol", HFILL }},
1096 { &hf_saprfc_header_mode,
1097 { "Mode", "saprfc.appcheader.mode", FT_UINT8, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Mode", HFILL }},
1098 { &hf_saprfc_header_uid,
1099 { "UID", "saprfc.appcheader.uid", FT_INT16, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header UID", HFILL }},
1100 { &hf_saprfc_header_gw_id,
1101 { "Gateway ID", "saprfc.appcheader.gw_id", FT_UINT16, BASE_HEX, NULL, 0x0, "SAP RFC APPC Header Gateway ID", HFILL }},
1102 { &hf_saprfc_header_err_len,
1103 { "Error Length", "saprfc.appcheader.err_len", FT_UINT16, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Error Length", HFILL }},
1104 { &hf_saprfc_header_info2,
1105 { "Info 2", "saprfc.appcheader.info2", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC APPC Header Info 2", HFILL }},
1106 { &hf_saprfc_header_info2_WITH_LONG_LU_NAME,
1107 { "Info 2 Flag WITH_LONG_LU_NAME", "saprfc.info2.WITH_LONG_LU_NAME", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_WITH_LONG_LU_NAME, "SAP RFC Info 2 Flag WITH_LONG_LU_NAME", HFILL }},
1108 { &hf_saprfc_header_info2_WITH_LONG_HOSTADDR,
1109 { "Info 2 Flag WITH_LONG_HOSTADDR", "saprfc.info2.WITH_LONG_HOSTADDR", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_WITH_LONG_HOSTADDR, "SAP RFC Info 2 Flag WITH_LONG_HOSTADDR", HFILL }},
1110 { &hf_saprfc_header_info2_GW_IMMEDIATE,
1111 { "Info 2 Flag GW_IMMEDIATE", "saprfc.info2.GW_IMMEDIATE", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_GW_IMMEDIATE, "SAP RFC Info 2 Flag GW_IMMEDIATE", HFILL }},
1112 { &hf_saprfc_header_info2_GW_SNC_ACTIVE,
1113 { "Info 2 Flag GW_SNC_ACTIVE", "saprfc.info2.GW_SNC_ACTIVE", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_GW_SNC_ACTIVE, "SAP RFC Info 2 Flag GW_SNC_ACTIVE", HFILL }},
1114 { &hf_saprfc_header_info2_GW_WAIT_LOOK_UP,
1115 { "Info 2 Flag GW_WAIT_LOOK_UP", "saprfc.info2.GW_WAIT_LOOK_UP", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_GW_WAIT_LOOK_UP, "SAP RFC Info 2 Flag GW_WAIT_LOOK_UP", HFILL }},
1116 { &hf_saprfc_header_info2_SNC_INIT_PHASE,
1117 { "Info 2 Flag SNC_INIT_PHASE", "saprfc.info2.SNC_INIT_PHASE", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_SNC_INIT_PHASE, "SAP RFC Info 2 Flag SNC_INIT_PHASE", HFILL }},
1118 { &hf_saprfc_header_info2_GW_STATELESS,
1119 { "Info 2 Flag GW_STATELESS", "saprfc.info2.GW_STATELESS", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_GW_STATELESS, "SAP RFC Info 2 Flag GW_STATELESS", HFILL }},
1120 { &hf_saprfc_header_info2_GW_NO_STATE_CHECK,
1121 { "Info 2 Flag GW_NO_STATE_CHECK", "saprfc.info2.GW_NO_STATE_CHECK", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO2_GW_NO_STATE_CHECK, "SAP RFC Info 2 Flag GW_NO_STATE_CHECK", HFILL }},
1122 { &hf_saprfc_header_trace_level,
1123 { "Trace Level", "saprfc.appcheader.trace_level", FT_UINT8, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Trace Level", HFILL }},
1124 { &hf_saprfc_header_time,
1125 { "Time", "saprfc.appcheader.time", FT_UINT32, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Time", HFILL }},
1126 { &hf_saprfc_header_info3,
1127 { "Info 3", "saprfc.appcheader.info3", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC APPC Header Info 3", HFILL }},
1128 { &hf_saprfc_header_info3_GW_WITH_CODE_PAGE,
1129 { "Info 3 Flag GW_WITH_CODE_PAGE", "saprfc.appcheader.info3.GW_WITH_CODE_PAGE", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_WITH_CODE_PAGE, "SAP RFC APPC Header Info 3 Flag GW_WITH_CODE_PAGE", HFILL }},
1130 { &hf_saprfc_header_info3_GW_ASYNC_RFC,
1131 { "Info 3 Flag GW_ASYNC_RFC", "saprfc.appcheader.info3.GW_ASYNC_RFC", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_ASYNC_RFC, "SAP RFC APPC Header Info 3 Flag GW_ASYNC_RFC", HFILL }},
1132 { &hf_saprfc_header_info3_GW_CANCEL_HARD,
1133 { "Info 3 Flag GW_CANCEL_HARD", "saprfc.appcheader.info3.GW_CANCEL_HARD", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_CANCEL_HARD, "SAP RFC APPC Header Info 3 Flag GW_CANCEL_HARD", HFILL }},
1134 { &hf_saprfc_header_info3_GW_CANCEL_SOFT,
1135 { "Info 3 Flag GW_CANCEL_SOFT", "saprfc.appcheader.info3.GW_CANCEL_SOFT", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_CANCEL_SOFT, "SAP RFC APPC Header Info 3 Flag GW_CANCEL_SOFT", HFILL }},
1136 { &hf_saprfc_header_info3_GW_WITH_GUI_TIMEOUT,
1137 { "Info 3 Flag GW_WITH_GUI_TIMEOUT", "saprfc.appcheader.info3.GW_WITH_GUI_TIMEOUT", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_WITH_GUI_TIMEOUT, "SAP RFC APPC Header Info 3 Flag GW_WITH_GUI_TIMEOUT", HFILL }},
1138 { &hf_saprfc_header_info3_GW_TERMIO_ERROR,
1139 { "Info 3 Flag GW_TERMIO_ERROR", "saprfc.appcheader.info3.GW_TERMIO_ERROR", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_TERMIO_ERROR, "SAP RFC APPC Header Info 3 Flag GW_TERMIO_ERROR", HFILL }},
1140 { &hf_saprfc_header_info3_GW_EXTENDED_INIT_OPTIONS,
1141 { "Info 3 Flag GW_EXTENDED_INIT_OPTIONS", "saprfc.appcheader.info3.GW_EXTENDED_INIT_OPTIONS", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_EXTENDED_INIT_OPTIONS, "SAP RFC APPC Header Info 3 Flag GW_EXTENDED_INIT_OPTIONS", HFILL }},
1142 { &hf_saprfc_header_info3_GW_DIST_TRACE,
1143 { "Info 3 Flag GW_DIST_TRACE", "saprfc.appcheader.info3.GW_DIST_TRACE", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO3_GW_DIST_TRACE, "SAP RFC APPC Header Info 3 Flag GW_DIST_TRACE", HFILL }},
1144 { &hf_saprfc_header_timeout,
1145 { "Timeout", "saprfc.appcheader.timeout", FT_INT32, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Timeout", HFILL }},
1146 { &hf_saprfc_header_info4,
1147 { "Info 4", "saprfc.appcheader.info4", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC APPC Header Info 4", HFILL }},
1148 { &hf_saprfc_header_info4_GW_WITH_DBG_CTL,
1149 { "Info 4 Flag GW_WITH_DBG_CTL", "saprfc.appcheader.info4.GW_WITH_DBG_CTL", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO4_GW_WITH_DBG_CTL, "SAP RFC APPC Header Info 4 Flag GW_WITH_DBG_CTL", HFILL }},
1150 { &hf_saprfc_header_sequence_no,
1151 { "Sequence No", "saprfc.appcheader.sequence_no", FT_UINT32, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Sequence No", HFILL }},
1152 { &hf_saprfc_header_sap_params_len,
1153 { "SAP Parameters Length", "saprfc.appcheader.sap_params_len", FT_UINT16, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header SAP Parameters Length", HFILL }},
1154 { &hf_saprfc_header_info,
1155 { "Info Flags", "saprfc.appcheader.info", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC APPC Header Info Flags", HFILL }},
1156 { &hf_saprfc_header_info_SYNC_CPIC_FUNCTION,
1157 { "Info Flag SYNC_CPIC_FUNCTION", "saprfc.appcheader.info.SYNC_CPIC_FUNCTION", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_SYNC_CPIC_FUNCTION, "SAP RFC APPC Header Info Flag SYNC_CPIC_FUNCTION", HFILL }},
1158 { &hf_saprfc_header_info_WITH_HOSTADDR,
1159 { "Info Flag WITH_HOSTADDR", "saprfc.appcheader.info.WITH_HOSTADDR", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_WITH_HOSTADDR, "SAP RFC APPC Header Info Flag WITH_HOSTADDR", HFILL }},
1160 { &hf_saprfc_header_info_WITH_GW_SAP_PARAMS_HDR,
1161 { "Info Flag WITH_GW_SAP_PARAMS_HDR", "saprfc.appcheader.info.WITH_GW_SAP_PARAMS_HDR", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_WITH_GW_SAP_PARAMS_HDR, "SAP RFC APPC Header Info Flag WITH_GW_SAP_PARAMS_HDR", HFILL }},
1162 { &hf_saprfc_header_info_CPIC_SYNC_REQ,
1163 { "Info Flag CPIC_SYNC_REQ", "saprfc.appcheader.info.CPIC_SYNC_REQ", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_CPIC_SYNC_REQ, "SAP RFC APPC Header Info Flag CPIC_SYNC_REQ", HFILL }},
1164 { &hf_saprfc_header_info_WITH_ERR_INFO,
1165 { "Info Flag WITH_ERR_INFO", "saprfc.appcheader.info.WITH_ERR_INFO", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_WITH_ERR_INFO, "SAP RFC APPC Header Info Flag WITH_ERR_INFO", HFILL }},
1166 { &hf_saprfc_header_info_DATA_WITH_TERM_OUTPUT,
1167 { "Info Flag DATA_WITH_TERM_OUTPUT", "saprfc.appcheader.info.DATA_WITH_TERM_OUTPUT", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_DATA_WITH_TERM_OUTPUT, "SAP RFC APPC Header Info Flag DATA_WITH_TERM_OUTPUT", HFILL }},
1168 { &hf_saprfc_header_info_DATA_WITH_TERM_INPUT,
1169 { "Info Flag DATA_WITH_TERM_INPUT", "saprfc.appcheader.info.DATA_WITH_TERM_INPUT", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_DATA_WITH_TERM_INPUT, "SAP RFC APPC Header Info Flag DATA_WITH_TERM_INPUT", HFILL }},
1170 { &hf_saprfc_header_info_R3_CPIC_LOGIN_WITH_TERM,
1171 { "Info Flag R3_CPIC_LOGIN_WITH_TERM", "saprfc.appcheader.info.R3_CPIC_LOGIN_WITH_TERM", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_INFO1_R3_CPIC_LOGIN_WITH_TERM, "SAP RFC APPC Header Info Flag R3_CPIC_LOGIN_WITH_TERM", HFILL }},
1172 { &hf_saprfc_header_reqtype2,
1173 { "Request Type 2 Flags", "saprfc.appcheader.reqtype2", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC APPC Header Request Type 2", HFILL }},
1174 { &hf_saprfc_header_reqtype2_F_V_INITIALIZE_CONVERSATION,
1175 { "Request Type 2 Flag F_V_INITIALIZE_CONVERSATION", "saprfc.appcheader.reqtype2.F_V_INITIALIZE_CONVERSATION", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_REQTYPE2_F_V_INITIALIZE_CONVERSATION, "SAP RFC Request Type 2 Flag F_V_INITIALIZE_CONVERSATION", HFILL }},
1176 { &hf_saprfc_header_reqtype2_F_V_ALLOCATE,
1177 { "Request Type 2 Flag F_V_ALLOCATE", "saprfc.appcheader.reqtype2.F_V_ALLOCATE", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_REQTYPE2_F_V_ALLOCATE, "SAP RFC Request Type 2 Flag F_V_ALLOCATE", HFILL }},
1178 { &hf_saprfc_header_reqtype2_F_V_SEND_DATA,
1179 { "Request Type 2 Flag F_V_SEND_DATA", "saprfc.appcheader.reqtype2.F_V_SEND_DATA", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_REQTYPE2_F_V_SEND_DATA, "SAP RFC Request Type 2 Flag F_V_SEND_DATA", HFILL }},
1180 { &hf_saprfc_header_reqtype2_F_V_RECEIVE,
1181 { "Request Type 2 Flag F_V_RECEIVE", "saprfc.appcheader.reqtype2.F_V_RECEIVE", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_REQTYPE2_F_V_RECEIVE, "SAP RFC Request Type 2 Flag F_V_RECEIVE", HFILL }},
1182 { &hf_saprfc_header_reqtype2_F_V_FLUSH,
1183 { "Request Type 2 Flag F_V_FLUSH", "saprfc.appcheader.reqtype2.F_V_FLUSH", FT_BOOLEAN, 8, NULL, SAPRFC_APPCHDR_REQTYPE2_F_V_FLUSH, "SAP RFC Request Type 2 Flag F_V_FLUSH", HFILL }},
1184 { &hf_saprfc_header_appc_rc,
1185 { "APPC Return Code", "saprfc.appcheader.appc_rc", FT_INT32, BASE_DEC, VALS(saprfc_header_appc_rc_values), 0x0, "SAP RFC APPC Header APPC Return Code", HFILL }},
1186 { &hf_saprfc_header_sap_rc,
1187 { "SAP Return Code", "saprfc.appcheader.sap_rc", FT_INT32, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header SAP Return Code", HFILL }},
1188 { &hf_saprfc_header_conversation_id,
1189 { "Conversation ID", "saprfc.appcheader.conversation_id", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header Conversation ID", HFILL }},
1190 { &hf_saprfc_header_ncpic_parameters,
1191 { "NCPIC Parameters", "saprfc.appcheader.ncpic_parameters", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters", HFILL }},
1192 { &hf_saprfc_header_ncpic_parameters_sdest,
1193 { "SDest", "saprfc.appcheader.ncpic_parameters.sdest", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters SDest", HFILL }},
1194 { &hf_saprfc_header_ncpic_parameters_lu,
1195 { "LU", "saprfc.appcheader.ncpic_parameters.lu", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters LU", HFILL }},
1196 { &hf_saprfc_header_ncpic_parameters_tp,
1197 { "TP", "saprfc.appcheader.ncpic_parameters.tp", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters TP", HFILL }},
1198 { &hf_saprfc_header_ncpic_parameters_ctype,
1199 { "CType", "saprfc.appcheader.ncpic_parameters.ctype", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters CType", HFILL }},
1200 { &hf_saprfc_header_ncpic_parameters_client_info,
1201 { "Client Info", "saprfc.appcheader.ncpic_parameters.client_info", FT_UINT8, BASE_HEX, VALS(saprfc_header_ncpic_parameters_client_info_values), 0x0, "SAP RFC APPC Header NCPIC Parameters Client Info", HFILL }},
1202 { &hf_saprfc_header_ncpic_parameters_lu_name,
1203 { "LU Name", "saprfc.appcheader.ncpic_parameters.lu_name", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters LU Name", HFILL }},
1204 { &hf_saprfc_header_ncpic_parameters_lu_name_length,
1205 { "LU Name Length", "saprfc.appcheader.ncpic_parameters.lu_name_length", FT_UINT32, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters LU Name Length", HFILL }},
1206 { &hf_saprfc_header_ncpic_parameters_host_address,
1207 { "Host Address", "saprfc.appcheader.ncpic_parameters.host_address", FT_IPv6, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters Host Address", HFILL }},
1208 { &hf_saprfc_header_ncpic_parameters_security_password,
1209 { "Security Password", "saprfc.appcheader.ncpic_parameters.security_password", FT_STRING, BASE_NONE, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters Security Password", HFILL }},
1210 { &hf_saprfc_header_ncpic_parameters_security_password_length,
1211 { "Security Password Length", "saprfc.appcheader.ncpic_parameters.security_password_length", FT_UINT32, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header NCPIC Parameters Security Password Length", HFILL }},
1213 { &hf_saprfc_header_comm_idx,
1214 { "Comm Index", "saprfc.appcheader.comm_idx", FT_INT16, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Comm Index", HFILL }},
1215 { &hf_saprfc_header_conn_idx,
1216 { "Conn Index", "saprfc.appcheader.conn_idx", FT_INT16, BASE_DEC, NULL, 0x0, "SAP RFC APPC Header Conn Index", HFILL }},
1218 /* Payload */
1219 { &hf_saprfc_payload,
1220 { "Message", "saprfc.message", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Message", HFILL }},
1222 /* Item fields */
1223 { &hf_saprfc_item,
1224 { "Item", "saprfc.item", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Item", HFILL }},
1225 { &hf_saprfc_item_id1,
1226 { "ID1", "saprfc.item.id1", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC Item ID 1", HFILL }},
1227 { &hf_saprfc_item_id2,
1228 { "ID2", "saprfc.item.id2", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC Item ID 2", HFILL }},
1229 { &hf_saprfc_item_length,
1230 { "Length", "saprfc.item.length", FT_UINT16, BASE_DEC, NULL, 0x0, "SAP RFC Item Length", HFILL }},
1231 { &hf_saprfc_item_value,
1232 { "Value", "saprfc.item.value", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Item Value", HFILL }},
1234 /* Table content */
1235 { &hf_saprfc_table,
1236 { "Table", "saprfc.table", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table", HFILL }},
1237 { &hf_saprfc_table_structure,
1238 { "Table Structure", "saprfc.table.structure", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table Structure", HFILL }},
1239 { &hf_saprfc_table_structure_field,
1240 { "Table Structure Field", "saprfc.table.structure.field", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table Structure Field", HFILL }},
1241 { &hf_saprfc_table_structure_field_type,
1242 { "Table Structure Field Type", "saprfc.table.structure.field.type", FT_UINT8, BASE_DEC, VALS(abap_types_typename_values), 0x0, "SAP RFC Table Structure Field Type", HFILL }},
1243 { &hf_saprfc_table_structure_field_length,
1244 { "Table Structure Field Length", "saprfc.table.structure.field.length", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table Structure Field Length", HFILL }},
1245 { &hf_saprfc_table_row,
1246 { "Table Row", "saprfc.table.row", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table Row", HFILL }},
1247 { &hf_saprfc_table_row_field,
1248 { "Table Row Field", "saprfc.table.row.field", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table Row Field", HFILL }},
1249 { &hf_saprfc_table_length,
1250 { "Table Content Length", "saprfc.table.length", FT_UINT32, BASE_DEC, NULL, 0x0, "SAP RFC Table Content Length", HFILL }},
1251 { &hf_saprfc_table_compress_header,
1252 { "Compression Header", "saprfc.table.compression", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table Compression Header", HFILL }},
1253 { &hf_saprfc_table_uncomplength,
1254 { "Uncompressed Length", "saprfc.table.compression.uncomplength", FT_UINT32, BASE_DEC, NULL, 0x0, "SAP RFC Table Uncompressed Length", HFILL }},
1255 { &hf_saprfc_table_algorithm,
1256 { "Compression Algorithm", "saprfc.table.compression.algorithm", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC Table Compression Algorithm", HFILL }},
1257 { &hf_saprfc_table_magic,
1258 { "Magic Bytes", "saprfc.table.compression.magic", FT_UINT16, BASE_HEX, NULL, 0x0, "SAP RFC Table Compression Magic Bytes", HFILL }},
1259 { &hf_saprfc_table_special,
1260 { "Special", "saprfc.table.compression.special", FT_UINT8, BASE_HEX, NULL, 0x0, "SAP RFC Table Special", HFILL }},
1261 { &hf_saprfc_table_return_code,
1262 { "Decompress Return Code", "saprfc.table.compression.returncode", FT_INT8, BASE_DEC, NULL, 0x0, "SAP RFC Decompression routine return code", HFILL }},
1263 { &hf_saprfc_table_content,
1264 { "Content", "saprfc.table.content", FT_NONE, BASE_NONE, NULL, 0x0, "SAP RFC Table Content", HFILL }},
1268 /* Setup protocol subtree array */
1269 static int *ett[] = {
1270 &ett_saprfc
1273 /* Register the expert info */
1274 static ei_register_info ei[] = {
1275 #if 0
1276 { &ei_saprfc_invalid_table_structure_length, { "saprfc.table.structure.length.invalid", PI_MALFORMED, PI_WARN, "The structure item payload is not long enough to parse the reported number of fields", EXPFILL }},
1277 { &ei_saprfc_invalid_table_content_length, { "saprfc.table.content.length.invalid", PI_MALFORMED, PI_WARN, "The table content length is not large enough to read the expected amount of data from", EXPFILL }},
1278 { &ei_saprfc_mismatching_table_row_width, { "saprfc.table.lengths.mismatching", PI_MALFORMED, PI_WARN, "The row width reported in table metadata and field metadata does not match", EXPFILL }},
1279 #endif
1280 { &ei_saprfc_item_length_invalid, { "saprfc.item.value.invalid_length", PI_MALFORMED, PI_WARN, "The item length is invalid", EXPFILL }},
1281 { &ei_saprfc_unknown_item, { "saprfc.item.unknown", PI_UNDECODED, PI_WARN, "The RFC item has a unknown type that is not dissected", EXPFILL }},
1284 module_t *saprfc_module;
1285 expert_module_t* saprfc_expert;
1287 /* Register the protocol */
1288 proto_saprfc = proto_register_protocol("SAP RFC Protocol", "SAPRFC", "saprfc");
1290 proto_register_field_array(proto_saprfc, hf, array_length(hf));
1291 proto_register_subtree_array(ett, array_length(ett));
1293 saprfc_expert = expert_register_protocol(proto_saprfc);
1294 expert_register_field_array(saprfc_expert, ei, array_length(ei));
1296 register_dissector("saprfc", dissect_saprfc, proto_saprfc);
1297 register_dissector("saprfcinternal", dissect_saprfc_internal, proto_saprfc);
1299 /* Register the preferences */
1300 saprfc_module = prefs_register_protocol(proto_saprfc, proto_reg_handoff_saprfc);
1302 prefs_register_bool_preference(saprfc_module, "table_reassembly", "Reassemble SAP RFC table content", "Whether the SAP RFC Protocol dissector should reassemble table content included in payloads.", &global_saprfc_table_reassembly);
1304 prefs_register_bool_preference(saprfc_module, "highlight_unknown_items", "Highlight unknown SAP RFC Items", "Whether the SAP RFC Protocol dissector should highlight unknown RFC items (might be noise and generate a lot of expert warnings)", &global_saprfc_highlight_items);
1309 * Register Hand off for the SAP RFC Protocol
1311 void
1312 proto_reg_handoff_saprfc(void)
1314 static bool initialized = false;
1316 if (!initialized) {
1317 saprfc_handle = create_dissector_handle(dissect_saprfc, proto_saprfc);
1318 saprfcinternal_handle = create_dissector_handle(dissect_saprfc_internal, proto_saprfc);
1319 initialized = true;
1322 dissector_add_uint_range_with_preference("tcp.port", SAPRFC_PORT_RANGE, saprfc_handle);
1326 * Editor modelines - https://www.wireshark.org/tools/modelines.html
1328 * Local variables:
1329 * c-basic-offset: 8
1330 * tab-width: 8
1331 * indent-tabs-mode: t
1332 * End:
1334 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
1335 * :indentSize=8:tabSize=8:noTabs=false: