epan/dissectors/packet-newmail.c

   1 /* packet-newmail.c
   2  * Routines for Exchange New Mail Notification dissection
   3  * Copyright 2006, Stephen Fisher (see AUTHORS file)
   4  *
   5  * Wireshark - Network traffic analyzer
   6  * By Gerald Combs <gerald@wireshark.org>
   7  * Copyright 1998 Gerald Combs
   8  *
   9  * SPDX-License-Identifier: GPL-2.0-or-later
  10  */
  11
  12 #include "config.h"
  13
  14 #include <epan/packet.h>
  15
  16 void proto_register_newmail(void);
  17 void proto_reg_handoff_newmail(void);
  18
  19 /* Initialize the protocol and registered fields */
  20 static int proto_newmail;
  21 static int hf_newmail_payload;
  22
  23 /* Initialize the subtree pointers */
  24 static int ett_newmail;
  25
  26 static dissector_handle_t newmail_handle;
  27
  28 /* Code to actually dissect the packets */
  29 static int
  30 dissect_newmail(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
  31 {
  32         /* Set up structures needed to add the protocol subtree and manage it */
  33         proto_item *ti;
  34         proto_tree *newmail_tree;
  35
  36         /* Make entries in Protocol column and Info column on summary display */
  37         col_set_str(pinfo->cinfo, COL_PROTOCOL, "NEWMAIL");
  38
  39         col_set_str(pinfo->cinfo, COL_INFO, "Microsoft Exchange new mail notification");
  40
  41         if (tree) {
  42                 ti = proto_tree_add_item(tree, proto_newmail, tvb, 0, -1, ENC_NA);
  43
  44                 newmail_tree = proto_item_add_subtree(ti, ett_newmail);
  45
  46                 proto_tree_add_item(newmail_tree, hf_newmail_payload, tvb, 0, 8, ENC_NA);
  47         }
  48
  49         return tvb_captured_length(tvb);
  50 }
  51
  52
  53 /* Register the protocol with Wireshark */
  54 void
  55 proto_register_newmail(void)
  56 {
  57
  58         /* Setup list of header fields  See Section 1.6.1 for details*/
  59         static hf_register_info hf[] = {
  60                 { &hf_newmail_payload,
  61                   { "Notification payload", "newmail.notification_payload",
  62                     FT_BYTES, BASE_NONE, NULL, 0x0,
  63                     "Payload requested by client in the MAPI register push notification packet", HFILL }
  64                 },
  65         };
  66
  67         /* Setup protocol subtree array */
  68         static int *ett[] = {
  69                 &ett_newmail,
  70         };
  71
  72         proto_newmail = proto_register_protocol("Microsoft Exchange New Mail Notification", "NEWMAIL", "newmail");
  73
  74         proto_register_field_array(proto_newmail, hf, array_length(hf));
  75         proto_register_subtree_array(ett, array_length(ett));
  76
  77         newmail_handle = register_dissector("newmail", dissect_newmail, proto_newmail);
  78 }
  79
  80 void
  81 proto_reg_handoff_newmail(void)
  82 {
  83         dissector_add_for_decode_as_with_preference("udp.port", newmail_handle);
  84 }
  85
  86 /*
  87  * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
  88  *
  89  * Local variables:
  90  * c-basic-offset: 8
  91  * tab-width: 8
  92  * indent-tabs-mode: t
  93  * End:
  94  *
  95  * vi: set shiftwidth=8 tabstop=8 noexpandtab:
  96  * :indentSize=8:tabSize=8:noTabs=false:
  97  */