Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"

[wireshark-sm.git] / epan / dissectors / asn1 / snmp / snmp.cnf

# snmp.cnf
# snmp conformation file


#.PDU
SMUX-PDUs

#.NO_EMIT
NotificationName
VarBind

#.TYPE_RENAME
Message/community               Community
Trap-PDU/_untag/generic-trap    GenericTrap
Trap-PDU/_untag/specific-trap   SpecificTrap

#.FIELD_RENAME
Messagev2u/datav2u/plaintext v2u_plaintext
BulkPDU/request-id bulkPDU_request-id

#.FN_HDR SMUX-PDUs

        snmp_conv_info_t *snmp_info = snmp_find_conversation_and_get_conv_data(actx->pinfo);

        actx->private_data = snmp_info;

#.FN_PARS Version    VAL_PTR = &snmp_version

#.FN_PARS PDUs

        VAL_PTR = &pdu_type

#.FN_BODY PDUs
        int pdu_type=-1;

        snmp_request_response_t *srrp;
        snmp_conv_info_t *snmp_info = (snmp_conv_info_t *)actx->private_data;

        col_clear(actx->pinfo->cinfo, COL_INFO);

%(DEFAULT_BODY)s
        if( (pdu_type!=-1) && snmp_PDUs_vals[pdu_type].strptr ){
                col_prepend_fstr(actx->pinfo->cinfo, COL_INFO, "%%s", snmp_PDUs_vals[pdu_type].strptr);

                /* pdu_type is the index, not the tag so convert it to the tag value */
                pdu_type = snmp_PDUs_vals[pdu_type].value;

                srrp=snmp_match_request_response(tvb, actx->pinfo, tree, RequestID, pdu_type, snmp_info);
                if (srrp) {
                        tap_queue_packet(snmp_tap, actx->pinfo, srrp);
                }
        }


#.END

#.FN_BODY PDU/request-id VAL_PTR = &RequestID

%(DEFAULT_BODY)s

#.FN_BODY Integer32 VAL_PTR = &RequestID

%(DEFAULT_BODY)s

#.FN_BODY Trap-PDU/_untag
        generic_trap = 0;
        enterprise_oid = NULL;

%(DEFAULT_BODY)s

  if (snmp_version != 0) {
    expert_add_info(actx->pinfo, tree, &ei_snmp_trap_pdu_obsolete);
  }

#.FN_PARS Trap-PDU/_untag/generic-trap    VAL_PTR = &generic_trap

#.FN_BODY Trap-PDU/_untag/specific-trap   VAL_PTR = &specific_trap
  unsigned specific_trap;

%(DEFAULT_BODY)s

        if (generic_trap == 6) { /* enterprise specific */
                const char *specific_str = snmp_lookup_specific_trap (specific_trap);
                if (specific_str) {
                proto_item_append_text(actx->created_item, " (%%s)", specific_str);
                }
        }
#.END


#.FN_PARS EnterpriseOID  FN_VARIANT = _str  VAL_PTR = &enterprise_oid

#.FN_BODY EnterpriseOID
        const char* name;

%(DEFAULT_BODY)s

        if (display_oid && enterprise_oid) {
                name = oid_resolved_from_string(actx->pinfo->pool, enterprise_oid);
                if (name) {
                col_append_fstr (actx->pinfo->cinfo, COL_INFO, " %%s", name);
                }
        }

#.END

#.FN_PARS HeaderData/msgSecurityModel

        VAL_PTR = &MsgSecurityModel

#.FN_PARS UsmSecurityParameters/msgAuthoritativeEngineBoots

        VAL_PTR = &usm_p.boots

#.FN_PARS UsmSecurityParameters/msgAuthoritativeEngineTime

        VAL_PTR = &usm_p.snmp_time

#.FN_BODY UsmSecurityParameters/msgAuthoritativeEngineID

        offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, &usm_p.engine_tvb);
         if (usm_p.engine_tvb) {
                proto_tree* engine_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_engineid);
                dissect_snmp_engineid(engine_tree, actx->pinfo, usm_p.engine_tvb, 0, tvb_reported_length_remaining(usm_p.engine_tvb,0));
        }

#.FN_BODY SnmpEngineID
        tvbuff_t* param_tvb = NULL;

        offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, &param_tvb);
         if (param_tvb) {
                proto_tree* engine_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_engineid);
                dissect_snmp_engineid(engine_tree, actx->pinfo, param_tvb, 0, tvb_reported_length_remaining(param_tvb,0));
        }

#.FN_PARS UsmSecurityParameters/msgUserName
        VAL_PTR = &usm_p.user_tvb

#.FN_BODY UsmSecurityParameters/msgAuthenticationParameters
        offset = dissect_ber_octet_string(false, actx, tree, tvb, offset, hf_index, &usm_p.auth_tvb);
        if (usm_p.auth_tvb) {
                usm_p.auth_item = %(ACTX)s->created_item;
                usm_p.auth_offset = tvb_offset_from_real_beginning(usm_p.auth_tvb);
        }
#.FN_PARS UsmSecurityParameters/msgPrivacyParameters
        VAL_PTR = &usm_p.priv_tvb

#.FN_BODY ScopedPduData/encryptedPDU
        tvbuff_t* crypt_tvb;
        offset = dissect_ber_octet_string(false, actx, tree, tvb, offset, hf_snmp_encryptedPDU, &crypt_tvb);

        if( usm_p.encrypted && crypt_tvb
                && usm_p.user_assoc
                && usm_p.user_assoc->user.privProtocol ) {

                const char* error = NULL;
                proto_tree* encryptedpdu_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_encryptedPDU);
                tvbuff_t* cleartext_tvb = usm_p.user_assoc->user.privProtocol(&usm_p, crypt_tvb, actx->pinfo, &error );

                if (! cleartext_tvb) {
                        proto_tree_add_expert_format(encryptedpdu_tree, actx->pinfo, &ei_snmp_failed_decrypted_data_pdu,
                                crypt_tvb, 0, -1, "Failed to decrypt encryptedPDU: %%s", error);

                        col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: Failed to decrypt");

                        return offset;
                } else {
                        proto_item* decrypted_item;
                        proto_tree* decrypted_tree;

                        if (! check_ScopedPdu(cleartext_tvb)) {
                                proto_tree_add_expert(encryptedpdu_tree, actx->pinfo, &ei_snmp_decrypted_data_bad_formatted, cleartext_tvb, 0, -1);

                                col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: Decrypted data not formatted as expected");

                                return offset;
                        }


                        add_new_data_source(actx->pinfo, cleartext_tvb, "Decrypted ScopedPDU");

                        decrypted_item = proto_tree_add_item(encryptedpdu_tree, hf_snmp_decryptedPDU,cleartext_tvb,0,-1,ENC_NA);
                        decrypted_tree = proto_item_add_subtree(decrypted_item,ett_decrypted);
                        dissect_snmp_ScopedPDU(false, cleartext_tvb, 0, actx, decrypted_tree, -1);
                        }
        } else {
                        col_set_str(actx->pinfo->cinfo, COL_INFO, "encryptedPDU: privKey Unknown");
        }

#.FN_BODY SNMPv3Message/msgSecurityParameters

        switch(MsgSecurityModel){
                case SNMP_SEC_USM:      /* 3 */
                        offset = get_ber_identifier(tvb, offset, NULL, NULL, NULL);
                        offset = get_ber_length(tvb, offset, NULL, NULL);
                        offset = dissect_snmp_UsmSecurityParameters(false, tvb, offset, actx, tree, -1);
                        usm_p.user_assoc = get_user_assoc(usm_p.engine_tvb, usm_p.user_tvb, actx->pinfo);
                        break;
                case SNMP_SEC_ANY:      /* 0 */
                case SNMP_SEC_V1:       /* 1 */
                case SNMP_SEC_V2C:      /* 2 */
                default:
                        %(DEFAULT_BODY)s
                        break;
        }

#.FN_FTR SNMPv3Message

        if( usm_p.authenticated
                && usm_p.user_assoc ) {
                const char* error = NULL;
                proto_item* authen_item;
                proto_tree* authen_tree = proto_item_add_subtree(usm_p.auth_item,ett_authParameters);
                uint8_t* calc_auth = NULL;
                unsigned calc_auth_len = 0;

                usm_p.authOK = snmp_usm_auth(actx->pinfo, usm_p.user_assoc->user.authModel, &usm_p, &calc_auth, &calc_auth_len, &error );

                if (error) {
                        expert_add_info_format( actx->pinfo, usm_p.auth_item, &ei_snmp_verify_authentication_error, "Error while verifying Message authenticity: %s", error );
                } else {
                        expert_field* expert;

                        authen_item = proto_tree_add_boolean(authen_tree, hf_snmp_msgAuthentication, tvb, 0, 0, usm_p.authOK);
                        proto_item_set_generated(authen_item);

                        if (usm_p.authOK) {
                                expert = &ei_snmp_authentication_ok;
                        } else {
                                const char* calc_auth_str = bytes_to_str_punct(actx->pinfo->pool, calc_auth,calc_auth_len,' ');
                                proto_item_append_text(authen_item, " calculated = %s", calc_auth_str);
                                expert = &ei_snmp_authentication_error;
                        }

                        expert_add_info( actx->pinfo, authen_item, expert);
                }
        }

#.END



#.FN_BODY HeaderData/msgFlags  VAL_PTR = &parameter_tvb
        tvbuff_t *parameter_tvb = NULL;

 %(DEFAULT_BODY)s
        if (parameter_tvb){
                uint8_t v3_flags = tvb_get_uint8(parameter_tvb, 0);
                proto_tree* flags_tree = proto_item_add_subtree(%(ACTX)s->created_item,ett_msgFlags);

                proto_tree_add_item(flags_tree, hf_snmp_v3_flags_report, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
                proto_tree_add_item(flags_tree, hf_snmp_v3_flags_crypt, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);
                proto_tree_add_item(flags_tree, hf_snmp_v3_flags_auth, parameter_tvb, 0, 1, ENC_BIG_ENDIAN);

                usm_p.encrypted = v3_flags & TH_CRYPT ? true : false;
                usm_p.authenticated = v3_flags & TH_AUTH ? true : false;
        }


#.TYPE_ATTR
NetworkAddress TYPE = FT_IPv4  DISPLAY = BASE_NONE  STRINGS = NULL
Message/community  TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL
HeaderData/msgSecurityModel TYPE = FT_UINT32 DISPLAY = BASE_DEC STRINGS = VALS(sec_models)
UsmSecurityParameters/msgUserName TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL
ScopedPDU/contextName TYPE = FT_STRING DISPLAY = BASE_NONE STRINGS = NULL
#.END