search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-chdlc.c
blobeb979b6961540f0b33a1970c3b49ae47b28bdad9
1 /* packet-chdlc.c
2 * Routines for Cisco HDLC packet disassembly
3 *
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
7 *
8 * SPDX-License-Identifier: GPL-2.0-or-later
9 */
10
11 #include "config.h"
12
13 #include <epan/packet.h>
14 #include <epan/capture_dissectors.h>
15 #include <wsutil/pint.h>
16 #include <epan/etypes.h>
17 #include <epan/prefs.h>
18 #include <epan/chdlctypes.h>
19 #include <epan/nlpid.h>
20 #include <epan/addr_resolv.h>
21 #include "packet-chdlc.h"
22 #include "packet-ppp.h"
23 #include "packet-ip.h"
24 #include "packet-juniper.h"
25 #include "packet-l2tp.h"
26 #include <epan/expert.h>
27
28 /*
29 * See section 4.3.1 of RFC 1547, and
30 *
31 * http://www.nethelp.no/net/cisco-hdlc.txt
32 */
33
34 void proto_register_chdlc(void);
35 void proto_reg_handoff_chdlc(void);
36 void proto_register_slarp(void);
37 void proto_reg_handoff_slarp(void);
38
39 static int proto_chdlc;
40 static int hf_chdlc_addr;
41 static int hf_chdlc_control;
42 static int hf_chdlc_proto;
43 static int hf_chdlc_clns_padding;
44
45 static int ett_chdlc;
46
47 static int proto_slarp;
48 static int hf_slarp_ptype;
49 static int hf_slarp_address;
50 static int hf_slarp_netmask;
51 static int hf_slarp_mysequence;
52 static int hf_slarp_yoursequence;
53 static int hf_slarp_reliability;
54
55 static expert_field ei_slarp_reliability;
56 static int ett_slarp;
57
58 /*
59 * Protocol types for the Cisco HDLC format.
60 *
61 * As per the above, according to RFC 1547, these are "standard 16 bit
62 * Ethernet protocol type code[s]", but 0x8035 is Reverse ARP, and
63 * that is (at least according to the Linux ISDN code) not the
64 * same as Cisco SLARP.
65 *
66 * In addition, 0x2000 is apparently the Cisco Discovery Protocol, but
67 * on Ethernet those are encapsulated inside SNAP with an OUI of
68 * OUI_CISCO, not OUI_ENCAP_ETHER.
69 *
70 * We thus have a separate dissector table for Cisco HDLC types.
71 * We could perhaps have that table hold only type values that
72 * wouldn't be in the Ethernet dissector table, and check that
73 * table first and the Ethernet dissector table if that fails.
74 */
75 #define CISCO_SLARP 0x8035 /* Cisco SLARP protocol */
76
77 static dissector_table_t subdissector_table;
78
79 static dissector_handle_t chdlc_handle;
80
81 static capture_dissector_handle_t ip_cap_handle;
82
83 static const value_string chdlc_address_vals[] = {
84 {CHDLC_ADDR_UNICAST, "Unicast"},
85 {CHDLC_ADDR_MULTICAST, "Multicast"},
86 {0, NULL}
87 };
88
89 const value_string chdlc_vals[] = {
90 {0x2000, "Cisco Discovery Protocol"},
91 {ETHERTYPE_IP, "IP"},
92 {ETHERTYPE_IPv6, "IPv6"},
93 {CISCO_SLARP, "SLARP"},
94 {ETHERTYPE_DEC_LB, "DEC LanBridge"},
95 {CHDLCTYPE_BPDU, "Spanning Tree BPDU"},
96 {ETHERTYPE_ATALK, "Appletalk"},
97 {ETHERTYPE_AARP, "AARP"},
98 {ETHERTYPE_IPX, "Netware IPX/SPX"},
99 {ETHERTYPE_ETHBRIDGE, "Transparent Ethernet bridging" },
100 {CHDLCTYPE_OSI, "OSI" },
101 {ETHERTYPE_MPLS, "MPLS unicast"},
102 {ETHERTYPE_MPLS_MULTI, "MPLS multicast"},
103 {0, NULL}
104 };
105
106 static bool
107 capture_chdlc( const unsigned char *pd, int offset, int len, capture_packet_info_t *cpinfo, const union wtap_pseudo_header *pseudo_header) {
108 if (!BYTES_ARE_IN_FRAME(offset, len, 4))
109 return false;
110
111 switch (pntoh16(&pd[offset + 2])) {
112 case ETHERTYPE_IP:
113 return call_capture_dissector(ip_cap_handle, pd, offset + 4, len, cpinfo, pseudo_header);
114 }
115
116 return false;
117 }
118
119 void
120 chdlctype(dissector_handle_t sub_dissector, uint16_t chdlc_type,
121 tvbuff_t *tvb, int offset_after_chdlctype,
122 packet_info *pinfo, proto_tree *tree, proto_tree *fh_tree,
123 int chdlctype_id)
124 {
125 tvbuff_t *next_tvb;
126 int padbyte;
127
128 proto_tree_add_uint(fh_tree, chdlctype_id, tvb,
129 offset_after_chdlctype - 2, 2, chdlc_type);
130
131 padbyte = tvb_get_uint8(tvb, offset_after_chdlctype);
132 if (chdlc_type == CHDLCTYPE_OSI &&
133 !( padbyte == NLPID_ISO8473_CLNP || /* older Juniper SW does not send a padbyte */
134 padbyte == NLPID_ISO9542_ESIS ||
135 padbyte == NLPID_ISO10589_ISIS)) {
136 /* There is a Padding Byte for CLNS protocols over Cisco HDLC */
137 proto_tree_add_item(fh_tree, hf_chdlc_clns_padding, tvb, offset_after_chdlctype, 1, ENC_BIG_ENDIAN);
138 next_tvb = tvb_new_subset_remaining(tvb, offset_after_chdlctype + 1);
139 } else {
140 next_tvb = tvb_new_subset_remaining(tvb, offset_after_chdlctype);
141 }
142
143 /* dissect with the handle; if there's no handle, it's just data */
144 if (sub_dissector != NULL) {
145 call_dissector(sub_dissector, next_tvb, pinfo, tree);
146 } else {
147 col_add_fstr(pinfo->cinfo, COL_PROTOCOL, "0x%04x", chdlc_type);
148 call_data_dissector(next_tvb, pinfo, tree);
149 }
150 }
151
152 static int chdlc_fcs_decode; /* 0 = No FCS, 1 = 16 bit FCS, 2 = 32 bit FCS */
153
154 static int
155 dissect_chdlc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
156 {
157 proto_item *ti;
158 proto_tree *fh_tree = NULL;
159 uint16_t proto;
160 dissector_handle_t sub_dissector;
161
162 col_set_str(pinfo->cinfo, COL_PROTOCOL, "CHDLC");
163 col_clear(pinfo->cinfo, COL_INFO);
164
165 switch (pinfo->p2p_dir) {
166
167 case P2P_DIR_SENT:
168 col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "DTE");
169 col_set_str(pinfo->cinfo, COL_RES_DL_DST, "DCE");
170 break;
171
172 case P2P_DIR_RECV:
173 col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "DCE");
174 col_set_str(pinfo->cinfo, COL_RES_DL_DST, "DTE");
175 break;
176
177 default:
178 col_set_str(pinfo->cinfo, COL_RES_DL_SRC, "N/A");
179 col_set_str(pinfo->cinfo, COL_RES_DL_DST, "N/A");
180 break;
181 }
182
183 proto = tvb_get_ntohs(tvb, 2);
184
185 if (tree) {
186 ti = proto_tree_add_item(tree, proto_chdlc, tvb, 0, 4, ENC_NA);
187 fh_tree = proto_item_add_subtree(ti, ett_chdlc);
188
189 proto_tree_add_item(fh_tree, hf_chdlc_addr, tvb, 0, 1, ENC_NA);
190 proto_tree_add_item(fh_tree, hf_chdlc_control, tvb, 1, 1, ENC_NA);
191 }
192
193 decode_fcs(tvb, pinfo, fh_tree, chdlc_fcs_decode, 2);
194
195 sub_dissector = dissector_get_uint_handle(subdissector_table, proto);
196 chdlctype(sub_dissector, proto, tvb, 4, pinfo, tree, fh_tree, hf_chdlc_proto);
197 return tvb_captured_length(tvb);
198 }
199
200 void
201 proto_register_chdlc(void)
202 {
203 static hf_register_info hf[] = {
204 { &hf_chdlc_addr,
205 { "Address", "chdlc.address", FT_UINT8, BASE_HEX,
206 VALS(chdlc_address_vals), 0x0, NULL, HFILL }},
207 { &hf_chdlc_control,
208 { "Control", "chdlc.control", FT_UINT8, BASE_HEX,
209 NULL, 0x0, NULL, HFILL }},
210 { &hf_chdlc_proto,
211 { "Protocol", "chdlc.protocol", FT_UINT16, BASE_HEX,
212 VALS(chdlc_vals), 0x0, NULL, HFILL }},
213 { &hf_chdlc_clns_padding,
214 { "CLNS Padding", "chdlc.clns_padding", FT_UINT8, BASE_HEX,
215 NULL, 0x0, NULL, HFILL }},
216 };
217
218 static int *ett[] = {
219 &ett_chdlc,
220 };
221
222 module_t *chdlc_module;
223
224 proto_chdlc = proto_register_protocol("Cisco HDLC", "CHDLC", "chdlc");
225 proto_register_field_array(proto_chdlc, hf, array_length(hf));
226 proto_register_subtree_array(ett, array_length(ett));
227
228 /* subdissector code */
229 subdissector_table = register_dissector_table("chdlc.protocol",
230 "Cisco HDLC protocol", proto_chdlc,
231 FT_UINT16, BASE_HEX);
232
233 chdlc_handle = register_dissector("chdlc", dissect_chdlc, proto_chdlc);
234
235 /* Register the preferences for the chdlc protocol */
236 chdlc_module = prefs_register_protocol(proto_chdlc, NULL);
237
238 prefs_register_enum_preference(chdlc_module,
239 "fcs_type",
240 "CHDLC Frame Checksum Type",
241 "The type of CHDLC frame checksum (none, 16-bit, 32-bit)",
242 &chdlc_fcs_decode,
243 fcs_options, ENC_BIG_ENDIAN);
244
245 register_capture_dissector("chdlc", capture_chdlc, proto_chdlc);
246
247 }
248
249 void
250 proto_reg_handoff_chdlc(void)
251 {
252 capture_dissector_handle_t chdlc_cap_handle;
253
254 dissector_add_uint("wtap_encap", WTAP_ENCAP_CHDLC, chdlc_handle);
255 dissector_add_uint("wtap_encap", WTAP_ENCAP_CHDLC_WITH_PHDR, chdlc_handle);
256 dissector_add_uint("juniper.proto", JUNIPER_PROTO_CHDLC, chdlc_handle);
257 dissector_add_uint("l2tp.pw_type", L2TPv3_PW_CHDLC, chdlc_handle);
258
259 chdlc_cap_handle = find_capture_dissector("chdlc");
260 capture_dissector_add_uint("wtap_encap", WTAP_ENCAP_CHDLC, chdlc_cap_handle);
261
262 ip_cap_handle = find_capture_dissector("ip");
263 }
264
265
266
267
268 #define SLARP_REQUEST 0
269 #define SLARP_REPLY 1
270 #define SLARP_LINECHECK 2
271
272 static const value_string slarp_ptype_vals[] = {
273 {SLARP_REQUEST, "Request"},
274 {SLARP_REPLY, "Reply"},
275 {SLARP_LINECHECK, "Line keepalive"},
276 {0, NULL}
277 };
278
279 static int
280 dissect_slarp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
281 {
282 proto_item *ti;
283 proto_tree *slarp_tree;
284 uint32_t code;
285 uint32_t addr;
286 uint32_t mysequence;
287 uint32_t yoursequence;
288 proto_item* reliability_item;
289
290 col_set_str(pinfo->cinfo, COL_PROTOCOL, "SLARP");
291 col_clear(pinfo->cinfo, COL_INFO);
292
293 code = tvb_get_ntohl(tvb, 0);
294
295 ti = proto_tree_add_item(tree, proto_slarp, tvb, 0, 14, ENC_NA);
296 slarp_tree = proto_item_add_subtree(ti, ett_slarp);
297
298 switch (code) {
299
300 case SLARP_REQUEST:
301 case SLARP_REPLY:
302 addr = tvb_get_ipv4(tvb, 4);
303 col_add_fstr(pinfo->cinfo, COL_INFO, "%s, from %s, mask %s",
304 val_to_str(code, slarp_ptype_vals, "Unknown (%d)"),
305 get_hostname(addr), tvb_ip_to_str(pinfo->pool, tvb, 8));
306 if (tree) {
307 proto_tree_add_uint(slarp_tree, hf_slarp_ptype, tvb, 0, 4, code);
308 proto_tree_add_item(slarp_tree, hf_slarp_address, tvb, 4, 4, ENC_BIG_ENDIAN);
309 proto_tree_add_item(slarp_tree, hf_slarp_netmask, tvb, 8, 4, ENC_BIG_ENDIAN);
310 }
311 break;
312
313 case SLARP_LINECHECK:
314 mysequence = tvb_get_ntohl(tvb, 4);
315 yoursequence = tvb_get_ntohl(tvb, 8);
316 col_add_fstr(pinfo->cinfo, COL_INFO,
317 "%s, outgoing sequence %u, returned sequence %u",
318 val_to_str(code, slarp_ptype_vals, "Unknown (%d)"),
319 mysequence, yoursequence);
320
321 proto_tree_add_uint(slarp_tree, hf_slarp_ptype, tvb, 0, 4, code);
322 proto_tree_add_uint(slarp_tree, hf_slarp_mysequence, tvb, 4, 4,
323 mysequence);
324 proto_tree_add_uint(slarp_tree, hf_slarp_yoursequence, tvb, 8, 4,
325 yoursequence);
326 reliability_item = proto_tree_add_item(slarp_tree, hf_slarp_reliability, tvb,
327 12, 2, ENC_BIG_ENDIAN);
328 if (tvb_get_ntohs(tvb, 12) != 0xFFFF) {
329 expert_add_info(pinfo, reliability_item, &ei_slarp_reliability);
330 }
331 break;
332
333 default:
334 col_add_fstr(pinfo->cinfo, COL_INFO, "Unknown packet type 0x%08X", code);
335
336 proto_tree_add_uint(slarp_tree, hf_slarp_ptype, tvb, 0, 4, code);
337 call_data_dissector(tvb_new_subset_remaining(tvb, 4), pinfo, slarp_tree);
338 break;
339 }
340 return tvb_captured_length(tvb);
341 }
342
343 void
344 proto_register_slarp(void)
345 {
346 expert_module_t* expert_slarp;
347
348 static hf_register_info hf[] = {
349 { &hf_slarp_ptype,
350 { "Packet type", "slarp.ptype", FT_UINT32, BASE_DEC,
351 VALS(slarp_ptype_vals), 0x0, NULL, HFILL }},
352 { &hf_slarp_address,
353 { "Address", "slarp.address", FT_IPv4, BASE_NONE,
354 NULL, 0x0, NULL, HFILL }},
355 /* XXX - need an FT_ for netmasks, which is like FT_IPV4 but doesn't
356 get translated to a host name. */
357 { &hf_slarp_netmask,
358 { "Netmask", "slarp.netmask", FT_IPv4, BASE_NETMASK,
359 NULL, 0x0, NULL, HFILL }},
360 { &hf_slarp_mysequence,
361 { "Outgoing sequence number", "slarp.mysequence", FT_UINT32, BASE_DEC,
362 NULL, 0x0, NULL, HFILL }},
363 { &hf_slarp_yoursequence,
364 { "Returned sequence number", "slarp.yoursequence", FT_UINT32, BASE_DEC,
365 NULL, 0x0, NULL, HFILL }},
366 { &hf_slarp_reliability,
367 { "Reliability", "slarp.reliability", FT_UINT16, BASE_HEX,
368 NULL, 0x0, NULL, HFILL }},
369 };
370 static int *ett[] = {
371 &ett_slarp,
372 };
373
374 static ei_register_info ei[] = {
375 { &ei_slarp_reliability, { "slarp.reliability.invalid", PI_MALFORMED, PI_ERROR,
376 "Reliability must be 0xFFFF", EXPFILL }}
377 };
378
379 proto_slarp = proto_register_protocol("Cisco SLARP", "SLARP", "slarp");
380 register_dissector("slarp", dissect_slarp, proto_slarp);
381 proto_register_field_array(proto_slarp, hf, array_length(hf));
382 proto_register_subtree_array(ett, array_length(ett));
383
384 expert_slarp = expert_register_protocol(proto_slarp);
385 expert_register_field_array(expert_slarp, ei, array_length(ei));
386 }
387
388 void
389 proto_reg_handoff_slarp(void)
390 {
391 dissector_add_uint("chdlc.protocol", CISCO_SLARP, find_dissector("slarp"));
392 }
393
394 /*
395 * Editor modelines - https://www.wireshark.org/tools/modelines.html
396 *
397 * Local Variables:
398 * c-basic-offset: 2
399 * tab-width: 8
400 * indent-tabs-mode: nil
401 * End:
402 *
403 * ex: set shiftwidth=2 tabstop=8 expandtab:
404 * :indentSize=2:tabSize=8:noTabs=true:
405 */
Metzes wireshark repo