| blob | 33e2625628a244a10d940d5e1356fb3b07fec27b |
1 /* packet-allJoyn.c
2 * Routines for AllJoyn (AllJoyn.org) packet dissection
3 * Copyright (c) 2013-2014, The Linux Foundation.
4 *
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
8 *
9 * SPDX-License-Identifier: GPL-2.0-or-later
10 */
13 #include <epan/packet.h>
14 #include <epan/expert.h>
15 #include <wsutil/ws_roundup.h>
16 #include <wsutil/array.h>
17 #include <wsutil/str_util.h>
25 #define ALLJOYN_NAME_SERVER_PORT 9956 /* IANA lists only UDP as being registered (dissector also uses TCP port) */
26 #define ALLJOYN_MESSAGE_PORT 9955
28 /* DBus limits array length to 2^26. AllJoyn limits it to 2^17 */
29 #define MAX_ARRAY_LEN 131072
30 /* DBus limits packet length to 2^27. AllJoyn limits it further to 2^17 + 4096 to allow for 2^17 payload */
31 #define MAX_PACKET_LEN (MAX_ARRAY_LEN + 4096)
33 /* The following are protocols within a frame.
34 The actual value of the handle is set when the various fields are
35 registered in proto_register_AllJoyn() with a call to
36 proto_register_protocol().
37 */
40 /* These are Wireshark header fields. You can search/filter on these values. */
41 /* The initial byte sent when first connecting. */
44 /* SASL fields. */
47 /* Message header fields.
48 See http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-messages
49 for details. */
90 #define MESSAGE_HEADER_FLAG_NO_REPLY_EXPECTED 0x01
91 #define MESSAGE_HEADER_FLAG_NO_AUTO_START 0x02
92 #define MESSAGE_HEADER_FLAG_ALLOW_REMOTE_MSG 0x04
93 #define MESSAGE_HEADER_FLAG_SESSIONLESS 0x10
94 #define MESSAGE_HEADER_FLAG_GLOBAL_BROADCAST 0x20
95 #define MESSAGE_HEADER_FLAG_COMPRESSED 0x40
96 #define MESSAGE_HEADER_FLAG_ENCRYPTED 0x80
98 /* Protocol identifiers. */
112 /* These are bit masks for version 0 "who has" records. */
113 /* These bits are deprecated and do not exist for version 1. */
114 #define WHOHAS_T 0x08
115 #define WHOHAS_U 0x04
116 #define WHOHAS_S 0x02
117 #define WHOHAS_F 0x01
124 /* End of version 0 bit masks. */
128 /* Bitmasks common to v0 and v1 IS-AT messages. */
129 #define ISAT_C 0x10
130 #define ISAT_G 0x20
132 /* Bitmasks for v0 IS-AT messages. */
133 #define ISAT_F 0x01
134 #define ISAT_S 0x02
135 #define ISAT_U 0x04
136 #define ISAT_T 0x08
138 /* Bitmasks for v1 IS-AT messages. */
139 #define ISAT_U6 0x01
140 #define ISAT_R6 0x02
141 #define ISAT_U4 0x04
142 #define ISAT_R4 0x08
144 /* Bitmasks for v1 transports. */
153 /* Tree indexes common to v0 and v1 IS-AT messages. */
157 /* Tree indexes for v0 IS-AT messages. */
167 /* Tree indexes for v1 IS-AT messages. */
175 /* Individual bits of the mask. */
178 static int hf_alljoyn_ns_isat_transport_mask_tcp; /* Transport using TCP (same as TRANSPORT_WLAN) */
189 /* Protocol identifiers. */
192 #define ARDP_SYN_FIXED_HDR_LEN 28 /* Size of the fixed part for the ARDP connection packet header. */
195 #define ARDP_HEADER_LEN_OFFSET 1 /* Offset into the ARDP header for the actual length of the header. */
197 /* These are bit masks for ARDP flags. */
198 /* These bits are deprecated and do not exist for version 1. */
199 #define ARDP_SYN 0x01
200 #define ARDP_ACK 0x02
201 #define ARDP_EAK 0x04
202 #define ARDP_RST 0x08
203 #define ARDP_NUL 0x10
204 #define ARDP_UNUSED 0x20
205 #define ARDP_VER0 0x40
206 #define ARDP_VER1 0x80
207 #define ARDP_VER (ARDP_VER0 | ARDP_VER1)
229 static int hf_ardp_segmax; /* The maximum number of outstanding segments the other side can send without acknowledgment. */
231 static int hf_ardp_dackt; /* Receiver's delayed ACK timeout. Used in TTL estimate prior to sending a message. */
232 static int hf_ardp_options;/* Options for the connection. Always Sequenced Delivery Mode (SDM). */
236 /* These are the ids of the subtrees we will be creating */
254 #define ROUND_TO_2BYTE(len) WS_ROUNDUP_2(len)
255 #define ROUND_TO_4BYTE(len) WS_ROUNDUP_4(len)
256 #define ROUND_TO_8BYTE(len) WS_ROUNDUP_8(len)
262 };
264 #define MESSAGE_TYPE_INVALID 0
265 #define MESSAGE_TYPE_METHOD_CALL 1
266 #define MESSAGE_TYPE_METHOD_REPLY 2
267 #define MESSAGE_TYPE_ERROR_REPLY 3
268 #define MESSAGE_TYPE_SIGNAL 4
277 };
279 /*
280 * The array at the end of the header contains header fields,
281 * where each field is a 1-byte field code followed by a field value.
282 * See also: http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-messages
283 *
284 * In the D-Bus world these are the "field codes".
285 * In the AllJoyn world these are called "field types".
286 */
287 #define HDR_INVALID 0x00
288 #define HDR_OBJ_PATH 0x01
289 #define HDR_INTERFACE 0x02
290 #define HDR_MEMBER 0x03
291 #define HDR_ERROR_NAME 0x04
292 #define HDR_REPLY_SERIAL 0x05
293 #define HDR_DESTINATION 0x06
294 #define HDR_SENDER 0x07
295 #define HDR_SIGNATURE 0x08
296 #define HDR_HANDLES 0x09
298 #define HDR_TIME_TO_LIVE 0x11
299 #define HDR_COMPRESSION_TOKEN 0x12
300 #define HDR_SESSION_ID 0x13
305 is emitted from. */
307 signal is emitted from. Optional for method calls,
308 required for signals. */
311 { HDR_REPLY_SERIAL, "Reply Serial" }, /* The serial number of the message this message is a reply to. */
312 { HDR_DESTINATION, "Destination" }, /* The name of the connection this message is intended for. */
316 accompany the message. */
322 };
324 /* This is used to round up offsets into a packet to an even two byte
325 * boundary from starting_offset.
326 * @param current_offset is the current offset into the packet.
327 * @param starting_offset is offset into the packet from the beginning of
328 * the message.
329 * @returns the offset rounded up to the next even two byte boundary from
330 start of the message.
331 */
334 {
338 }
340 /* This is used to round up offsets into a packet to an even four byte
341 * boundary from starting_offset.
342 * @param current_offset is the current offset into the packet.
343 * @param starting_offset is offset into the packet from the beginning of
344 * the message.
345 * @returns the offset rounded up to the next even four byte boundary from
346 start of the message.
347 */
350 {
354 }
356 /* This is used to round up offsets into a packet to an even eight byte
357 * boundary from starting_offset.
358 * @param current_offset is the current offset into the packet.
359 * @param starting_offset is offset into the packet from the beginning of
360 * the message.
361 * @returns the offset rounded up to the next even eight byte boundary from
362 start of the message.
363 */
366 {
370 }
372 /* This is the maximum number of rounding bytes that is ever used.
373 * This define is used for error checking. */
374 #define MAX_ROUND_TO_BYTES 7
376 /* Gets a 32-bit unsigned integer from the packet buffer with
377 * the proper byte-swap.
378 * @param tvb is the incoming network data buffer.
379 * @param offset is the offset into the buffer.
380 * @param encoding is ENC_BIG_ENDIAN or ENC_LITTLE_ENDIAN.
381 * @return The 32-bit unsigned int interpretation of the bits
382 * in the buffer.
383 */
384 static uint32_t
388 {
392 }
394 /* This is called by dissect_AllJoyn_message() to handle the initial byte for
395 * a connect message.
396 * If it was the initial byte for a connect message and was handled then return
397 * the number of bytes consumed out of the packet. If not an connect initial
398 * byte message or unhandled return 0.
399 * @param tvb is the incoming network data buffer.
400 * @param pinfo contains information about the incoming packet which
401 * we update as we dissect the packet.
402 * @param offset is the offset into the packet to check for the connect message.
403 * @param message_tree is the subtree that any connect data items should be added to.
404 * @returns the offset into the packet that has successfully been handled or
405 * the input offset value if it was not the connect initial byte of 0.
406 */
407 static int
412 {
420 /* Now add the value as a subtree to the initial byte. */
423 }
426 }
429 {
442 #define MAX_SASL_COMMAND_LENGTH sizeof(CMD_REJECTED)
443 /* The 256 is just something I pulled out of the air. */
444 #define MAX_SASL_PACKET_LENGTH (MAX_SASL_COMMAND_LENGTH + 256)
454 };
461 {
471 }
472 }
475 }
477 /* Call this to test whether desegmentation is possible and if so correctly
478 * set the pinfo structure with the applicable data.
479 * @param pinfo contains information about the incoming packet.
480 * @param next_offset is the offset into the tvbuff where it is desired to start processing next time.
481 * @param addition_bytes_needed is the additional bytes required beyond what is already available.
482 * @returns true if desegmentation is possible. false if not.
483 */
485 {
491 }
494 }
496 /* This is called by dissect_AllJoyn_message() to handle SASL messages.
497 * If it was a SASL message and was handled then return the number of bytes
498 * used (should be the entire packet). If not a SASL message or unhandled return 0.
499 * If more bytes are needed then return the negative of the bytes expected.
500 * @param tvb is the incoming network data buffer.
501 * @param pinfo contains information about the incoming packet which
502 * we update as we dissect the packet.
503 * @param offset is the offset into the packet to start processing.
504 * @param message_tree is the subtree that any connect data items should be added to.
505 * @returns the offset into the packet that has successfully been handled or
506 * the input offset value if it was not a sasl message.
507 */
508 static int
513 {
520 /* This gives us the offset into the buffer of the terminating character of
521 * the command, the '\n'. + 1 to get the number of bytes used for the
522 * command in the buffer. tvb_find_uint8() returns -1 if not found so the + 1
523 * will result in a newline_offset of 0 if not found.
524 */
527 /* If not found see if we should request another segment. */
532 /* Return the length of the buffer we successfully parsed. */
535 /* If we can't desegment then return 0 meaning we didn't do anything. */
537 }
540 }
547 /* Add a subtree/row for the command. */
552 /* Add a subtree for the parameter. */
556 }
557 }
560 }
562 #define ENC_ALLJOYN_BAD_ENCODING 0xBADF00D
566 /* This is called by handle_message_header_body() to get the endianness from
567 * message headers.
568 * @param tvb is the incoming network data buffer.
569 * @param offset is the current offset into network data buffer.
570 * @return The type of encoding, ENC_LITTLE_ENDIAN or ENC_BIG_ENDIAN, for
571 * the message.
572 */
573 static uint32_t
576 {
580 /* The endianness field. */
584 {
594 }
597 }
599 /* This is called by handle_message_field() to handle bytes of particular values
600 * in messages.
601 * @param tvb is the incoming network data buffer.
602 * @param offset is the offset into the packet to start processing.
603 * @param field_tree is the subtree that we connect data items to.
604 * @param expected_value is the value the byte is expected to have.
605 */
606 static void
611 {
621 proto_item_set_text(item, "Expected '0x%02x byte' but found '0x%02x'", expected_value, byte_value);
622 }
623 }
625 /*
626 * Message argument types
627 */
645 #define ARG_DICT_ENTRY '{' /* AllJoyn dictionary or map container type - an array of key-value pairs */
667 };
669 static int
671 {
673 {
713 }
717 }
720 }
722 /* This is called by parse_arg to append the signature of structure or dictionary
723 * to an item. This is complicated a bit by the fact that structures can be nested.
724 * @param item is the item to append the signature data to.
725 * @param signature points to the signature to be appended.
726 * @param signature_max_length is the specified maximum length of this signature.
727 * @param type_stop is the character when indicates the end of the signature.
728 */
729 static void
734 {
745 depth++;
746 }
749 depth--;
750 }
758 }
759 }
761 /* This is called to advance the signature pointer to the end of the signature
762 * it is currently pointing at. signature_length is decreased by the appropriate
763 * amount before returning.
764 * @param signature is a pointer to the signature. It could be simple data type
765 * such as 'i', 'b', etc. In these cases *signature is advanced by 1 and
766 * *signature_length is decreased by 1. Or it could be an array, structure, dictionary,
767 * array of arrays or even more complex things. In these cases the advancement could
768 * be much larger. For example with the signature "a(bdas)i" *signature will be advanced
769 * to the 'i' and *signature_length will be set to '1'.
770 * @param signature_length is a pointer to the length of the signature.
771 */
772 static void
773 // NOLINTNEXTLINE(misc-no-recursion)
774 advance_to_end_of_signature(packet_info *pinfo, const uint8_t **signature, uint8_t *signature_length)
775 {
786 /* Were we looking for the end of a structure or dictionary? If so, did we find it? */
790 }
793 }
796 {
829 }
830 }
832 }
834 /* This is called to add a padding item. There is not padding done for each call made.
835 * There is testing for the padding length which must be greater than zero. It's also possible,
836 * in the case of bad packets, that the end of the padding is wrong so range checking is
837 * also done. In the case of something being obviously wrong this function returns
838 * without adding the padding item.
839 * @param padding_start is the offset into tvb at which the (possible) padding starts.
840 * @param padding_end is the offset into tvb at which the (possible) padding ends.
841 * @param tvb is the incoming network data buffer.
842 * @param tree is the tree to which the new item should be attached.
843 */
844 static void add_padding_item(int padding_start, int padding_end, tvbuff_t *tvb, proto_tree *tree)
845 {
851 }
852 }
853 }
855 /* This is called to handle a single typed argument. Recursion is used
856 * to handle arrays and structures.
857 * @param tvb is the incoming network data buffer.
858 * @param pinfo contains information about the incoming packet which
859 * we update as we dissect the packet.
860 * @param header_item if not NULL, is appended with the text name of the data type.
861 * @param encoding indicates big (ENC_BIG_ENDIAN) or little (ENC_LITTLE_ENDIAN)
862 * @param offset is the offset into tvb to get the field from.
863 * @param field_tree is the tree to which this argument should be attached.
864 * @param is_reply_to if true, means this uint32 value should be used to update
865 * header_item and pinfo->cinfo with a special message.
866 * @param type_id is the type of this argument.
867 * @param field_code is the type of header, or HDR_INVALID if not used, which this
868 * arg is a part of. If field_code is HDR_MEMBER or HDR_SIGNATURE then
869 * pinfo->cinfo is updated with information.
870 * @param signature is a pointer to the signature of the parameters. If type_id is
871 * ARG_SIGNATURE this is a return value for the caller to pass to the function
872 * that parses the parameters. If type_id is something like ARG_STRUCT then it points
873 * to the actual signature of the type.
874 * @param signature_length is a pointer to the length of the signature and if type_id is
875 * ARG_SIGNATURE this is a return value for the caller to pass to the function
876 * that parses the parameters.
877 * @param field_starting_offset is the offset at the beginning of the field that contains
878 * this arg. When rounding this starting_offset is used rather than the absolute offset.
879 * @return The new offset into the buffer after removing the field code and value.
880 * the message or the packet length to stop further processing if "really bad"
881 * parameters come in.
882 */
883 static int
884 // NOLINTNEXTLINE(misc-no-recursion)
897 {
903 {
909 {
920 }
922 /* *sig_saved will now be the element type after the 'a'. */
929 /* This is the length of the entire array in bytes but does not include the length field. */
933 starting_offset = pad_according_to_type(padding_start, field_starting_offset, packet_length, *sig_saved); /* Advance to the data elements. */
936 col_add_fstr(pinfo->cinfo, COL_INFO, "BAD DATA: Array length (in bytes) is %d. Remaining packet length is %d.",
939 }
941 /* This item is the entire array including the length specifier plus any pad bytes. */
942 item = proto_tree_add_item(field_tree, hf_alljoyn_mess_body_array, tvb, offset, (starting_offset-offset) + length, encoding);
959 number_of_items++;
964 pinfo,
965 header_item,
966 encoding,
967 offset,
968 tree,
969 is_reply_to,
971 field_code,
974 field_starting_offset);
976 /* Set the signature pointer to be just past the type just handled. */
979 }
981 }
984 proto_item_append_text(item, " of %d '%s' elements", number_of_items, format_char(pinfo->pool, *sig_saved));
985 }
986 }
1013 col_add_fstr(pinfo->cinfo, COL_INFO, "BAD DATA: Signature length is %d. Only %d bytes left in packet.",
1016 }
1018 /* Include the terminating '/0'. */
1019 length++;
1021 proto_tree_add_item(field_tree, hf_alljoyn_mess_body_signature_length, tvb, offset, 1, encoding);
1024 /* Extract signature from tvb and return to caller. */
1025 /* XXX should this extract "length - 1" since we always expect /0? */
1026 proto_tree_add_item_ret_string(field_tree, hf_alljoyn_mess_body_signature, tvb, offset, length, ENC_ASCII|ENC_NA, pinfo->pool, signature);
1031 }
1066 /* The + 4 is for the length specifier. Object paths may be of "any length"
1067 according to D-Bus spec. But there are practical limits. */
1068 if(length < 0 || length > MAX_ARRAY_LEN || length + 4 > tvb_reported_length_remaining(tvb, offset)) {
1069 col_add_fstr(pinfo->cinfo, COL_INFO, "BAD DATA: Object path length is %d. Only %d bytes left in packet.",
1072 }
1091 {
1100 /* Get the length so we can display the string. */
1104 col_add_fstr(pinfo->cinfo, COL_INFO, "BAD DATA: String length is %d. Remaining packet length is %d.",
1107 }
1112 proto_tree_add_item_ret_string(field_tree, hf_alljoyn_string_data, tvb, offset, length, ENC_UTF_8|ENC_NA, pinfo->pool, &member_name);
1116 }
1119 }
1148 }
1151 }
1157 {
1170 col_add_fstr(pinfo->cinfo, COL_INFO, "BAD DATA: Variant signature length is %d. Only %d bytes left in packet.",
1173 }
1177 /* This length (4) will be updated later with the length of the entire variant object. */
1178 item = proto_tree_add_item(field_tree, hf_alljoyn_mess_body_variant, tvb, offset, 4, encoding);
1186 proto_tree_add_item_ret_string(tree, hf_alljoyn_mess_body_signature, tvb, offset, length, ENC_ASCII|ENC_NA, pinfo->pool, &sig_saved);
1193 /* The signature of the variant has now been taken care of. So now take care of the variant data. */
1194 while(((sig_pointer - sig_saved) < (length - 1)) && (tvb_reported_length_remaining(tvb, offset) > 0)) {
1200 }
1205 }
1223 case ARG_DICT_ENTRY: /* AllJoyn dictionary or map container type - an array of key-value pairs */
1225 {
1237 }
1240 col_add_fstr(pinfo->cinfo, COL_INFO, "BAD DATA: A %s argument needs a signature.", val_to_str_const(type_id, header_type_vals, "Unexpected type"));
1242 }
1244 /* This length (4) will be updated later with the length of the entire struct. */
1250 offset = pad_according_to_type(offset, field_starting_offset, tvb_reported_length(tvb), type_id);
1258 /* *signature should never be NULL but just make sure to avoid potential issues. */
1262 pinfo,
1263 header_item,
1264 encoding,
1265 offset,
1266 tree,
1267 is_reply_to,
1269 field_code,
1270 signature,
1271 signature_length,
1272 field_starting_offset);
1273 }
1278 }
1282 /* Just say we are done with this packet. */
1285 }
1287 if (*signature && *signature_length > 0 && ARG_ARRAY != type_id && HDR_INVALID == field_code) {
1290 }
1292 /* Make sure we never return something longer than the buffer for an offset. */
1296 /* The argument has a null size. Let's report the packet length to avoid an infinite loop. */
1297 /*expert_add_info(pinfo, header_item, &ei_alljoyn_empty_arg);*/
1300 }
1303 }
1305 /* This is called by handle_message_header_fields() to handle a single
1306 * message header field.
1307 * @param tvb is the incoming network data buffer.
1308 * @param pinfo contains information about the incoming packet which
1309 * we update as we dissect the packet.
1310 * @param header_tree is the subtree that we connect data items to.
1311 * @param encoding indicates big (ENC_BIG_ENDIAN) or little (ENC_LITTLE_ENDIAN)
1312 * @param offset is the offset into tvb to get the field from.
1313 * endianness.
1314 * @param signature pointer to the signature of the parameters. This is a return
1315 * value for the caller to pass to the function that parses the parameters.
1316 * @param signature_length pointer to the length of the signature. This is a return
1317 * value for the caller to pass to the function that parses the parameters.
1318 * @return The new offset into the buffer after removing the field code and value.
1319 * the message.
1320 */
1321 static int
1329 {
1342 }
1344 field_item = proto_tree_add_item(header_tree, hf_alljoyn_mess_header_field, tvb, offset, 1, ENC_NA);
1347 proto_tree_add_item(field_tree, hf_alljoyn_mess_body_header_fieldcode, tvb, offset, 1, ENC_NA);
1350 /* We expect a byte of 0x01 here. */
1354 item = proto_tree_add_item(field_tree, hf_alljoyn_mess_body_header_typeid, tvb, offset, 1, ENC_NA);
1358 /* We expect a byte of 0x00 here. */
1363 pinfo,
1364 item,
1365 encoding,
1366 offset,
1367 field_tree,
1368 is_reply_to,
1369 type_id,
1370 field_code,
1371 signature,
1372 signature_length,
1373 starting_offset);
1381 }
1386 }
1388 /* This is called by handle_message() to handle the message body.
1389 * @param tvb is the incoming network data buffer.
1390 * @param pinfo contains information about the incoming packet which
1391 * we update as we dissect the packet.
1392 * @param header_tree is the subtree that we connect data items to.
1393 * @param encoding indicates big (ENC_BIG_ENDIAN) or little (ENC_LITTLE_ENDIAN)
1394 * @param offset contains the offset into tvb for the start of the header fields.
1395 * @param header_length contains the length of the message fields.
1396 * @param signature_length contains the signature field length.
1397 */
1406 {
1412 item = proto_tree_add_item(header_tree, hf_alljoyn_mess_header_fields, tvb, offset, header_length, ENC_NA);
1418 offset = handle_message_field(tvb, pinfo, tree, encoding, offset, &signature, signature_length);
1419 }
1422 }
1424 /* This is called by handle_message() to handle the message body.
1425 * @param tvb is the incoming network data buffer.
1426 * @param header_tree is the subtree that we connect data items to.
1427 * @param encoding indicates big (ENC_BIG_ENDIAN) or little (ENC_LITTLE_ENDIAN)
1428 * @param offset contains the offset into tvb for the start of the parameters.
1429 * @param body_length contains the length of the body parameters.
1430 * @param signature the signature of the parameters.
1431 * @param signature_length contains the signature field length.
1432 */
1433 static int
1442 {
1450 /* Add a subtree/row for the message body parameters. */
1451 item = proto_tree_add_item(header_tree, hf_alljoyn_mess_body_parameters, tvb, offset, body_length, ENC_NA);
1458 }
1462 pinfo,
1463 NULL,
1464 encoding,
1465 offset,
1469 HDR_INVALID,
1472 starting_offset);
1473 }
1476 }
1478 #define MESSAGE_HEADER_LENGTH 16
1479 #define TYPE_OFFSET 1
1480 #define FLAGS_OFFSET 2
1481 #define MAJORVERSION_OFFSET 3
1482 #define BODY_LENGTH_OFFSET 4
1483 #define SERIAL_OFFSET 8
1484 #define HEADER_LENGTH_OFFSET 12
1486 /* This is called by dissect_AllJoyn_message() to handle the actual message.
1487 * If it was a message with valid header and optional body then return true.
1488 * If not a valid message return false.
1489 * @param tvb is the incoming network data buffer.
1490 * @param pinfo contains information about the incoming packet.
1491 * @param offset is the offset into the packet to start processing.
1492 * @param message_tree is the subtree that any connect data items should be added to.
1493 * @param is_ardp is true if this is an ARDP packet.
1494 * @returns the offset into the packet that has successfully been handled or
1495 * the input offset value if it was not a message header body.
1496 */
1497 static int
1503 {
1520 /* We are done with everything in this packet don't try anymore. */
1522 }
1526 col_add_fstr(pinfo->cinfo, COL_INFO, "BAD DATA: Remaining packet length is %d. Expected >= %d && <= %d",
1528 }
1531 }
1537 /* ARDP (UDP) packets can't be desegmented by Wireshark and it is normal to see them in
1538 * fragments. Don't scare the user when they occur. Dissect as much as we easily can.
1539 * It should be possible to desegment TCIP packets. If not then something is wrong so tell
1540 * the user.
1541 */
1549 }
1551 /* In this case we can't desegment but it is an ARDP message so we want to dissect
1552 * at least the header. Therefore we fall through to the header parsing code if the packet size
1553 * is greater than or equal to the header size. Otherwise we return and report what we know.
1554 */
1556 col_add_fstr(pinfo->cinfo, COL_INFO, "Fragmented ARDP message: Remaining packet length is %d. Expected %d",
1559 }
1560 }
1562 /* In this case we can desegment */
1564 }
1565 }
1567 /* Add a subtree/row for the header. */
1568 header_item = proto_tree_add_item(message_tree, hf_alljoyn_mess_header, tvb, offset, MESSAGE_HEADER_LENGTH, ENC_NA);
1571 proto_tree_add_item(header_tree, hf_alljoyn_mess_header_endian, tvb, offset + ENDIANNESS_OFFSET, 1, ENC_ASCII|ENC_NA);
1572 proto_tree_add_item(header_tree, hf_alljoyn_mess_header_type, tvb, offset + TYPE_OFFSET, 1, ENC_NA);
1574 /* The flags byte. */
1575 flag_item = proto_tree_add_item(header_tree, hf_alljoyn_mess_header_flags, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1578 /* Now the individual bits. */
1579 proto_tree_add_item(flag_tree, hf_alljoyn_mess_header_flags_encrypted, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1580 proto_tree_add_item(flag_tree, hf_alljoyn_mess_header_flags_compressed, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1581 proto_tree_add_item(flag_tree, hf_alljoyn_mess_header_flags_global_broadcast, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1582 proto_tree_add_item(flag_tree, hf_alljoyn_mess_header_flags_sessionless, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1583 proto_tree_add_item(flag_tree, hf_alljoyn_mess_header_flags_allow_remote_msg, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1584 proto_tree_add_item(flag_tree, hf_alljoyn_mess_header_flags_no_auto_start, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1585 proto_tree_add_item(flag_tree, hf_alljoyn_mess_header_flags_no_reply, tvb, offset + FLAGS_OFFSET, 1, ENC_NA);
1587 proto_tree_add_item(header_tree, hf_alljoyn_mess_header_majorversion, tvb, offset + MAJORVERSION_OFFSET, 1, ENC_NA);
1588 proto_tree_add_item(header_tree, hf_alljoyn_mess_header_body_length, tvb, offset + BODY_LENGTH_OFFSET, 4, encoding);
1590 proto_tree_add_item(header_tree, hf_alljoyn_mess_header_serial, tvb, offset + SERIAL_OFFSET, 4, encoding);
1591 col_add_fstr(pinfo->cinfo, COL_INFO, "Message %010u: '%s'", get_uint32(tvb, offset + SERIAL_OFFSET, encoding),
1592 val_to_str_const(tvb_get_uint8(tvb, offset + TYPE_OFFSET), message_header_encoding_vals, "Unexpected message type"));
1594 proto_tree_add_item(header_tree, hf_alljoyn_mess_header_header_length, tvb, offset + HEADER_LENGTH_OFFSET, 4, encoding);
1600 /* No need to call add_padding_item() after the following operation. It's not needed
1601 * because all message header fields widths are multiples of 8 and are padded as necessary.
1602 * Because the padding is taken care of in the individual message header field there is no
1603 * need for it here. The rounding here just gets the offset to the end of the last header
1604 * field and its (possible) padding.
1605 */
1611 col_append_sep_fstr(pinfo->cinfo, COL_INFO, NULL, "Fragmented ARDP message or bad data: Remaining packet length is %d. Expected %d",
1614 }
1618 pinfo,
1619 message_tree,
1620 encoding,
1621 offset,
1622 body_length,
1623 signature,
1624 signature_length);
1625 }
1628 }
1630 /* Test to see if this buffer contains something that might be an AllJoyn message.
1631 * @param tvb is the incoming network data buffer.
1632 * @param offset where to start parsing the buffer.
1633 * @param is_ardp If true then this is an ARDP packet which needs special treatment.
1634 * @returns true if probably an AllJoyn message.
1635 * false if probably not an AllJoyn message.
1636 */
1637 static bool
1639 {
1645 /* There is no initial connect byte or SASL when using ARDP. */
1647 /* initial byte for a connect message. */
1653 }
1658 if((length < offset + 2) || (try_val_to_str(tvb_get_uint8(tvb, offset + 1), message_header_encoding_vals) == NULL))
1662 }
1664 /* This is called by Wireshark for packet types that are registered
1665 * in the proto_reg_handoff_AllJoyn() function. This function handles
1666 * the packets for the traffic on port 9955.
1667 * @param tvb is the incoming network data buffer.
1668 * @param pinfo contains information about the incoming packet which
1669 * we update as we dissect the packet.
1670 * @param tree is the tree data items should be added to.
1671 * @param offset is the offset into the already partial dissected buffer
1672 * from dissect_AllJoyn_ardp() or 0 because this is just a bare
1673 * AllJoyn message.
1674 * @return 0 if not AllJoyn message protocol, or
1675 * the offset into the buffer we have successfully dissected (which
1676 * should normally be the packet length), or
1677 * the offset into the buffer we have dissected with
1678 * pinfo->desegment_len == additional bytes needed from the next packet
1679 * before we can dissect, or
1680 * 0 with pinfo->desegment_len == DESEGMENT_ONE_MORE_SEGMENT if another
1681 * segment is needed, or
1682 * packet_length if "really bad" parameters come in.
1683 */
1684 static int
1689 {
1696 /* If called after dissecting the ARDP protocol. This is the only time the offset will not be zero. */
1699 }
1707 /* Add a subtree covering the remainder of the packet */
1711 /* Continue as long as we are making progress and we haven't finished with the packet. */
1715 /* There is no initial connect byte or SASL when using ARDP. */
1721 }
1727 }
1728 }
1731 }
1734 }
1736 static void
1737 ns_parse_questions(tvbuff_t *tvb, int* offset, proto_tree* alljoyn_tree, uint8_t questions, unsigned message_version)
1738 {
1744 alljoyn_questions_ti = proto_tree_add_item(alljoyn_tree, hf_alljoyn_ns_whohas, tvb, *offset, 2, ENC_NA); /* "Who-Has Message" */
1748 proto_tree_add_item(alljoyn_questions_tree, hf_alljoyn_ns_whohas_t_flag, tvb, *offset, 1, ENC_NA);
1749 proto_tree_add_item(alljoyn_questions_tree, hf_alljoyn_ns_whohas_u_flag, tvb, *offset, 1, ENC_NA);
1750 proto_tree_add_item(alljoyn_questions_tree, hf_alljoyn_ns_whohas_s_flag, tvb, *offset, 1, ENC_NA);
1751 proto_tree_add_item(alljoyn_questions_tree, hf_alljoyn_ns_whohas_f_flag, tvb, *offset, 1, ENC_NA);
1752 }
1756 proto_tree_add_item(alljoyn_questions_tree, hf_alljoyn_ns_whohas_count, tvb, *offset, 1, ENC_NA);
1771 proto_tree_add_item(alljoyn_bus_name_tree, hf_alljoyn_string_size_8bit, tvb, *offset, 1, ENC_NA);
1774 proto_tree_add_item(alljoyn_bus_name_tree, hf_alljoyn_string_data, tvb, *offset, bus_name_size, ENC_ASCII);
1776 }
1778 }
1779 }
1781 /* The version 0 protocol looks like this:
1782 * Byte 0:
1783 * Bit 0 (ISAT_F): If '1' indicates the daemon is listening on an IPv4
1784 * address and that an IPv4 address is present in the message. If '0'
1785 * there is no IPv4 address present.
1786 *
1787 * Bit 1 (ISAT_S): If '1' the responding daemon is listening on an IPv6
1788 * address and that an IPv6 address is present in the message. If '0'
1789 * there is no IPv6 address present.
1790 *
1791 * Bit 2 (ISAT_U): If '1' the daemon is listening on UDP.
1792 *
1793 * Bit 3 (ISAT_T): If '1' the daemon is listening on TCP.
1794 *
1795 * Bit 4 (ISAT_C): If '1' the list of StringData records is a complete
1796 * list of all well-known names exported by the daemon.
1797 *
1798 * Bit 5 (ISAT_G): If '1' a variable length daemon GUID string is present.
1799 *
1800 * Bits 6-7: The message type of the IS-AT message. Defined to be '01' (1).
1801 *
1802 * Byte 1 (Count): The number of StringData items. Each StringData item
1803 * describes one well-known bus name supported by the daemon.
1804 *
1805 * Bytes 2-3 (Port): The port on which the daemon is listening.
1806 *
1807 * If the ISAT_F bit is set then the next four bytes is the IPv4 address on
1808 * which the daemon is listening.
1809 *
1810 * If the ISAT_S bit is set then the next 16 bytes is the IPv6 address on
1811 * which the daemon is listening.
1812 *
1813 * If the ISAT_G bit is set then the next data is daemon GUID StringData.
1814 *
1815 * The next data is a variable number of StringData records.
1816 */
1817 static void
1819 {
1826 alljoyn_answers_ti = proto_tree_add_item(alljoyn_tree, hf_alljoyn_answer, tvb, *offset, 2, ENC_NA);
1842 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_port, tvb, *offset, 2, ENC_BIG_ENDIAN);
1848 }
1851 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_ipv4, tvb, *offset, 4, ENC_BIG_ENDIAN);
1853 }
1862 alljoyn_string_ti = proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_isat_guid_string, tvb,
1866 proto_tree_add_item(alljoyn_string_tree, hf_alljoyn_string_size_8bit, tvb, *offset, 1, ENC_NA);
1869 proto_tree_add_item(alljoyn_string_tree, hf_alljoyn_string_data, tvb, *offset, guid_size, ENC_ASCII);
1871 }
1888 proto_tree_add_item(alljoyn_bus_name_tree, hf_alljoyn_string_size_8bit, tvb, *offset, 1, ENC_NA);
1891 proto_tree_add_item(alljoyn_bus_name_tree, hf_alljoyn_string_data, tvb, *offset, bus_name_size, ENC_ASCII);
1893 }
1894 }
1895 }
1897 /* The version 1 protocol looks like this:
1898 * Byte 0:
1899 * Bit 0 (ISAT_U6): If '1' then the IPv6 endpoint of an unreliable method
1900 * (UDP) transport (IP address and port) is present.
1901 *
1902 * Bit 1 (ISAT_R6): If '1' then the IPv6 endpoint of a reliable method
1903 * (TCP) transport (IP address and port) is present.
1904 *
1905 * Bit 2 (ISAT_U4): If '1' then the IPv4 endpoint of an unreliable method
1906 * (UDP) transport (IP address and port) is present.
1907 *
1908 * Bit 3 (ISAT_R4): If '1' then the IPv4 endpoint of a reliable method
1909 * (TCP) transport (IP address and port) is present.
1910 *
1911 * Bit 4 (ISAT_C): If '1' the list of StringData records is a complete
1912 * list of all well-known names exported by the daemon.
1913 *
1914 * Bit 5 (ISAT_G): If '1' a variable length daemon GUID string is present.
1915 *
1916 * Bits 6-7: The message type of the IS-AT message. Defined to be '01' (1).
1917 *
1918 * Byte 1 (Count): The number of StringData items. Each StringData item
1919 * describes one well-known bus name supported by the daemon.
1920 *
1921 * Bytes 2-3 (TransportMask): The bit mask of transport identifiers that
1922 * indicates which AllJoyn transport is making the advertisement.
1923 *
1924 * If the ISAT_R4 bit is set then the next four bytes is the IPv4 address on
1925 * which the daemon is listening.
1926 *
1927 * If the ISAT_R4 bit is set then the next two bytes is the IPv4 port on
1928 * which the daemon is listening.
1929 *
1930 * If the ISAT_R6 bit is set then the next 16 bytes is the IPv6 address on
1931 * which the daemon is listening for TCP traffic.
1932 *
1933 * If the ISAT_R6 bit is set then the next two bytes is the IPv6 port on
1934 * which the daemon is listening for TCP traffic.
1935 *
1936 * If the ISAT_U6 bit is set then the next 16 bytes is the IPv6 address on
1937 * which the daemon is listening for UDP traffic.
1938 *
1939 * If the ISAT_U6 bit is set then the next two bytes is the IPv6 port on
1940 * which the daemon is listening for UDP traffic.
1941 *
1942 * If the ISAT_G bit is set then the next data is daemon GUID StringData.
1943 *
1944 * The next data is a variable number of StringData records.
1945 */
1946 static void
1948 {
1955 alljoyn_answers_ti = proto_tree_add_item(alljoyn_tree, hf_alljoyn_answer, tvb, *offset, 2, ENC_NA);
1961 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_r4_flag, tvb, *offset, 1, ENC_NA);
1962 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_u4_flag, tvb, *offset, 1, ENC_NA);
1964 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_r6_flag, tvb, *offset, 1, ENC_NA);
1965 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_u6_flag, tvb, *offset, 1, ENC_NA);
1974 /* The entire transport mask. */
1975 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask, tvb, *offset, 2, ENC_BIG_ENDIAN);
1977 /* The individual bits of the transport mask. */
1978 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask_wfd, tvb, *offset, 2, ENC_NA);
1979 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask_ice, tvb, *offset, 2, ENC_NA);
1980 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask_lan, tvb, *offset, 2, ENC_NA);
1981 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask_wwan, tvb, *offset, 2, ENC_NA);
1982 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask_tcp, tvb, *offset, 2, ENC_NA);
1983 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask_bluetooth, tvb, *offset, 2, ENC_NA);
1984 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_transport_mask_local, tvb, *offset, 2, ENC_NA);
1989 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_ipv4, tvb, *offset, 4, ENC_BIG_ENDIAN);
1992 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_port, tvb, *offset, 2, ENC_BIG_ENDIAN);
1994 }
1997 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_ipv4, tvb, *offset, 4, ENC_BIG_ENDIAN);
2000 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_port, tvb, *offset, 2, ENC_BIG_ENDIAN);
2002 }
2008 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_port, tvb, *offset, 2, ENC_BIG_ENDIAN);
2010 }
2016 proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_ns_isat_port, tvb, *offset, 2, ENC_BIG_ENDIAN);
2018 }
2027 alljoyn_string_ti = proto_tree_add_item(alljoyn_answers_tree, hf_alljoyn_isat_guid_string, tvb,
2031 proto_tree_add_item(alljoyn_string_tree, hf_alljoyn_string_size_8bit, tvb, *offset, 1, ENC_NA);
2034 proto_tree_add_item(alljoyn_string_tree, hf_alljoyn_string_data, tvb, *offset, guid_size, ENC_ASCII);
2036 }
2038 /* The string data records. */
2055 proto_tree_add_item(alljoyn_bus_name_tree, hf_alljoyn_string_size_8bit, tvb, *offset, 1, ENC_NA);
2058 proto_tree_add_item(alljoyn_bus_name_tree, hf_alljoyn_string_data, tvb, *offset, bus_name_size, ENC_ASCII);
2060 }
2061 }
2062 }
2064 /* This is called by Wireshark for packet types that are registered
2065 in the proto_reg_handoff_AllJoyn() function. This function handles
2066 the packets for the name server traffic.
2067 * @param tvb is the incoming network data buffer.
2068 * @param pinfo contains information about the incoming packet which
2069 * we update as we dissect the packet.
2070 * @param tree is the tree data items should be added to.
2071 */
2072 static int
2077 {
2084 /* This is name service traffic. Mark it as such at the top level. */
2088 /* Add a subtree covering the remainder of the packet */
2092 /* Add the "header protocol" as a subtree from the AllJoyn Name Service Protocol. */
2096 /* The the sender and message versions as fields for the header protocol. */
2135 /* XXX - expert info */
2136 /* This case being unsupported is reported in the column info by
2137 * the caller of this function. */
2139 }
2140 }
2143 }
2145 /* This is a container for the ARDP info and Wireshark tree information.
2146 */
2148 {
2162 /* This is called by dissect_AllJoyn_ardp() to read the header
2163 * and fill out most of tree_data.
2164 * @param tvb is the incoming network data buffer.
2165 * @param pinfo contains information about the incoming packet which
2166 * we update as we dissect the packet.
2167 * @param tree_data is the destination of the data..
2168 */
2169 static void
2173 {
2188 /* The packet length has to be ARDP_HEADER_LEN_OFFSET long or protocol_is_ardp() would
2189 have returned false. Length is expressed in words so multiply by 2. */
2193 /* If we need more data before dissecting then communicate the number of additional bytes needed. */
2196 /* Inform the caller we made it this far. Returning zero means we made no progress.
2197 This is the offset just past the last byte we successfully retrieved. */
2201 }
2206 /* If we need more data before dissecting then communicate the number of additional bytes needed. */
2209 /* Inform the caller we made it this far. Returning zero it means we made no progress.
2210 This is the offset just past the last byte we successfully retrieved. */
2213 }
2215 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_syn_flag, tvb, tree_data->offset, 1, ENC_NA);
2216 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_ack_flag, tvb, tree_data->offset, 1, ENC_NA);
2217 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_eak_flag, tvb, tree_data->offset, 1, ENC_NA);
2218 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_rst_flag, tvb, tree_data->offset, 1, ENC_NA);
2219 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_nul_flag, tvb, tree_data->offset, 1, ENC_NA);
2220 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_unused_flag, tvb, tree_data->offset, 1, ENC_NA);
2221 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_version_field, tvb, tree_data->offset, 1, ENC_NA);
2228 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_src, tvb, tree_data->offset, 2, ENC_BIG_ENDIAN);
2231 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_dst, tvb, tree_data->offset, 2, ENC_BIG_ENDIAN);
2234 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_dlen, tvb, tree_data->offset, 2, ENC_BIG_ENDIAN);
2237 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_seq, tvb, tree_data->offset, 4, ENC_BIG_ENDIAN);
2241 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_ack, tvb, tree_data->offset, 4, ENC_BIG_ENDIAN);
2246 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_segmax, tvb, tree_data->offset, 2, ENC_BIG_ENDIAN);
2249 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_segbmax, tvb, tree_data->offset, 2, ENC_BIG_ENDIAN);
2252 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_dackt, tvb, tree_data->offset, 4, ENC_BIG_ENDIAN);
2255 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_options, tvb, tree_data->offset, 2, ENC_BIG_ENDIAN);
2258 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_ttl, tvb, tree_data->offset, 4, ENC_BIG_ENDIAN);
2261 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_lcs, tvb, tree_data->offset, 4, ENC_BIG_ENDIAN);
2264 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_nsa, tvb, tree_data->offset, 4, ENC_BIG_ENDIAN);
2267 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_fss, tvb, tree_data->offset, 4, ENC_BIG_ENDIAN);
2271 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_fcnt, tvb, tree_data->offset, 2, ENC_BIG_ENDIAN);
2277 /* In the case of a corrupted packet eaklen could be < 0 and bad things could happen. */
2280 proto_tree_add_item(tree_data->alljoyn_tree, hf_ardp_bmp, tvb, tree_data->offset, eaklen, ENC_NA);
2281 }
2284 }
2286 /* The data_length bytes, if any, will be passed on to the dissect_AllJoyn_message() handler. */
2287 }
2288 }
2290 /* Test to see if this buffer contains something that might be the AllJoyn ARDP protocol.
2291 * @param tvb is the incoming network data buffer.
2292 * @returns true if probably the AllJoyn ARDP protocol.
2293 * false if probably not the AllJoyn ARDP protocol.
2294 */
2295 static bool
2297 {
2301 /* We must be able to get the byte value at this offset to determine if it is an ARDP protocol. */
2304 }
2306 /* Length is expressed in words. */
2313 }
2317 }
2320 }
2322 /* This is called by Wireshark for packet types that are registered
2323 in the proto_reg_handoff_AllJoyn() function. This function handles
2324 the packets for the ARDP and bare AllJoyn message protocols. A test
2325 for bare AllJoyn message protocol is done first. If it is an AllJoyn
2326 packet then only dissect_AllJoyn_message() is called to dissect the
2327 data. If protocol_is_alljoyn_message() returns false then a test for
2328 the ARDP protocol is performed. If it succeeds then ARDP dissection
2329 proceeds and may call dissect_AllJoyn_message() with the offset just
2330 past the ARDP protocol.
2331 * @param tvb is the incoming network data buffer.
2332 * @param pinfo contains information about the incoming packet which
2333 * we update as we dissect the packet.
2334 * @param tree is the tree data items should be added to.
2335 * @return 0 if not AllJoyn ARDP protocol, or
2336 * the offset into the buffer we have dissected (which should normally
2337 * be the packet length), or
2338 * the offset into the buffer we have dissected with
2339 * pinfo->desegment_len == additional bytes needed from the next packet
2340 * before we can dissect.
2341 */
2342 static int
2347 {
2355 }
2359 }
2363 /* Add a subtree covering the remainder of the packet */
2369 /* Is desegmentation needed? */
2372 }
2375 /* This is ARDP traffic. Mark it as such at the top level. */
2377 }
2382 /* We have dissected the ARDP portion. Is the remainder an AllJoyn message? */
2385 }
2388 }
2390 /* return_value will be the offset into the successfully parsed
2391 * buffer, the requested length of a reassembled packet (with pinfo->desegment_len
2392 * and pinfo->desegment_offset set appropriately), 0 if desegmentation is needed but
2393 * isn't available, or the initial value (tree_data.offset) if no progress was made.
2394 * If dissect_AllJoyn_message() made progress or is requesting desegmentation then
2395 * return leaving the column info as handled by the AllJoyn message dissector. If
2396 * not then we fall through to set the column info in this dissector.
2397 */
2400 }
2401 }
2408 }
2411 }
2414 }
2417 }
2420 }
2428 col_append_sep_fstr(pinfo->cinfo, COL_INFO, NULL, "Fragment %d of %d for a previous ALLJOYN message", fragment, tree_data.fragment_count);
2429 }
2432 }
2434 void
2436 {
2439 /* A header field is something you can search/filter on.
2440 *
2441 * We create a structure to register our fields. It consists of an
2442 * array of hf_register_info structures, each of which are of the format
2443 * {&(field id), {name, abbrev, type, display, strings, bitmask, blurb, HFILL}}.
2444 * The array below defines what elements we will be displaying. These
2445 * declarations are simply a definition Wireshark uses to determine the data
2446 * type, when we later dissect the packet.
2447 */
2449 /******************
2450 * Wireshark header fields for the name service protocol.
2451 ******************/
2456 },
2461 },
2466 },
2471 },
2476 },
2481 },
2487 },
2492 },
2497 },
2502 },
2507 },
2512 },
2518 },
2523 },
2528 },
2530 /* Common to V0 and V1 IS-AT messages. */
2535 },
2540 },
2545 },
2550 },
2555 },
2557 /* Version 0 IS-AT messages. */
2562 },
2567 },
2572 },
2577 },
2582 },
2584 /* Version 1 IS-AT messages. */
2589 },
2594 },
2599 },
2604 },
2610 },
2616 },
2621 },
2626 },
2631 },
2636 },
2641 },
2646 },
2648 /******************
2649 * Wireshark header fields for the message protocol.
2650 ******************/
2655 },
2657 /*
2658 * Wireshark header fields for the SASL messages.
2659 */
2664 },
2669 },
2671 /*
2672 * Wireshark header fields for the AllJoyn message header.
2673 */
2678 },
2683 },
2688 },
2693 },
2695 /* Individual fields of the flags byte. */
2700 },
2705 },
2710 },
2715 },
2720 },
2725 },
2730 },
2736 },
2741 },
2746 },
2751 },
2757 },
2762 },
2767 },
2772 },
2778 },
2783 },
2788 },
2793 },
2798 },
2803 },
2808 },
2814 },
2819 },
2824 },
2829 },
2834 },
2839 },
2844 },
2849 },
2854 },
2859 },
2864 },
2866 /*
2867 * Strings are composed of a size and a data array.
2868 */
2873 },
2878 },
2883 },
2888 },
2889 /******************
2890 * Wireshark header fields for the AllJoyn Reliable Data Protocol.
2891 ******************/
2896 },
2985 };
3003 &ett_alljoyn_ardp
3004 };
3010 };
3012 /* The following are protocols as opposed to data within a protocol. These appear
3013 * in Wireshark a divider/header between different groups of data.
3014 */
3017 proto_AllJoyn_ns = proto_register_protocol("AllJoyn Name Service Protocol", "AllJoyn NS", "ajns");
3020 /* Message protocols */
3029 proto_AllJoyn_ardp = proto_register_protocol("AllJoyn Reliable Datagram Protocol", "AllJoyn ARDP", "ardp");
3031 }
3033 void
3035 {
3041 /* The ARDP dissector will directly call the AllJoyn message dissector if needed.
3042 * This includes the case where there is no ARDP data. */
3044 }
3046 /*
3047 * Editor modelines - https://www.wireshark.org/tools/modelines.html
3048 *
3049 * Local variables:
3050 * c-basic-offset: 4
3051 * tab-width: 8
3052 * indent-tabs-mode: nil
3053 * End:
3054 *
3055 * vi: set shiftwidth=4 tabstop=8 expandtab:
3056 * :indentSize=4:tabSize=8:noTabs=true:
3057 */