search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / epan / dissectors / packet-opsi.c
blob4f2ff3a5397e1ed9557917f5809282ef0e74146e
1 /* packet-opsi.c
2 * Routines for OPSI protocol dissection
3 * Copyright 2004, Laurent Rabret (France Telecom R&D) <laurent.rabret@i.hate.spams.org>
4 *
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
8 *
9 * SPDX-License-Identifier: GPL-2.0-or-later
10 */
11
12 #include "config.h"
13
14 #include <epan/packet.h>
15 #include <epan/prefs.h>
16 #include <epan/expert.h>
17
18 #include "packet-tcp.h"
19
20 void proto_register_opsi(void);
21 void proto_reg_handoff_opsi(void);
22
23 static dissector_handle_t opsi_handle;
24
25 /* TCP destination port dedicated to the OPSI protocol */
26 #define TCP_PORT_OPSI 4002 /* Not IANA registered */
27
28 /* Information position in OPSI header */
29 #define MAJOR_VERSION_OFFSET 0
30 #define MINOR_VERSION_OFFSET 1
31 #define CODE_OFFSET 2
32 #define HOOK_ID_OFFSET 3
33 #define PACKET_LENGTH_OFFSET 4
34 #define SESSION_OFFSET 6
35
36 #define HEADER_LENGTH 8
37
38
39 /* Valid OPSI code values */
40 #define DISCOVER_REQUEST 1
41 #define DISCOVER_RESPONSE 2
42 #define SERVICE_REQUEST 3
43 #define SERVICE_ACCEPT 4
44 #define SERVICE_REJECT 5
45 #define TERMINATE_REQUEST 6
46
47 /* Internal structure to dissect attributes */
48 typedef struct {
49 uint16_t attribute_type; /* attribute code */
50 const char *tree_text; /* text for fold out */
51 int *tree_id; /* id for add_item */
52 int *hf_type_attribute; /* id for search option */
53 void (*dissect)(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item,
54 int* hfValue, int offset, int length);
55 } opsi_attribute_handle_t;
56
57
58 /* Attributes codes */
59 #define USER_NAME_ATTRIBUTE 1
60 #define USER_PASSWD_ATTRIBUTE 2
61 #define CHAP_PASSWD_ATTRIBUTE 3
62 #define NAS_IP_ADDRESS_ATTRIBUTE 4
63 #define NAS_PORT_ATTRIBUTE 5
64 #define SERVICE_TYPE_ATTRIBUTE 6
65 #define FRAMED_PROTOCOL_ATTRIBUTE 7
66 #define FRAMED_ADDRESS_ATTRIBUTE 8
67 #define FRAMED_NETMASK_ATTRIBUTE 9
68 #define FRAMED_ROUTING_ATTRIBUTE 10
69 #define FRAMED_FILTER_ATTRIBUTE 11
70 #define FRAMED_MTU_ATTRIBUTE 12
71 #define FRAMED_COMPRESSION_ATTRIBUTE 13
72 #define CALLED_STATION_ID_ATTRIBUTE 30
73 #define CALLING_STATION_ID_ATTRIBUTE 31
74 #define NAS_IDENTIFIER 32
75 #define ACCOUNTING_40_ATTRIBUTE 40
76 #define ACCOUNTING_41_ATTRIBUTE 41
77 #define ACCOUNTING_42_ATTRIBUTE 42
78 #define ACCOUNTING_43_ATTRIBUTE 43
79 #define ACCOUNTING_SESSION_ID_ATTRIBUTE 44
80 #define ACCOUNTING_45_ATTRIBUTE 45
81 #define ACCOUNTING_46_ATTRIBUTE 46
82 #define ACCOUNTING_47_ATTRIBUTE 47
83 #define ACCOUNTING_48_ATTRIBUTE 48
84 #define ACCOUNTING_49_ATTRIBUTE 49
85 #define ACCOUNTING_50_ATTRIBUTE 50
86 #define ACCOUNTING_51_ATTRIBUTE 51
87 #define ACCOUNTING_52_ATTRIBUTE 52
88 #define ACCOUNTING_53_ATTRIBUTE 53
89 #define ACCOUNTING_54_ATTRIBUTE 54
90 #define ACCOUNTING_55_ATTRIBUTE 55
91 #define ACCOUNTING_56_ATTRIBUTE 56
92 #define ACCOUNTING_57_ATTRIBUTE 57
93 #define ACCOUNTING_58_ATTRIBUTE 58
94 #define ACCOUNTING_59_ATTRIBUTE 59
95 #define CHAP_CHALLENGE_ATTRIBUTE 60
96 #define NAS_PORT_TYPE_ATTRIBUTE 61
97 #define DESIGNATION_NUMBER_ATTRIBUTE 77
98 #define NAS_PORT_ID_ATTRIBUTE 87
99
100 #define SMC_AAAID_ATTRIBUTE 651
101 #define SMC_VPNID_ATTRIBUTE 652
102 #define SMC_VPNNAME_ATTRIBUTE 653
103 #define SMC_RANID_ATTRIBUTE 654
104 #define SMC_RANIP_ATTRIBUTE 655
105 #define SMC_RANNAME_ATTRIBUTE 656
106 #define SMC_POPID_ATTRIBUTE 657
107 #define SMC_POPNAME_ATTRIBUTE 658
108 #define SMC_SMCID_ATTRIBUTE 659
109 #define SMC_RECEIVE_TIME_ATTRIBUTE 660
110 #define SMC_STAT_TIME_ATTRIBUTE 661
111
112 #define OPSI_FLAGS_ATTRIBUTE 674
113 #define OPSI_APPLICATION_NAME_ATTRIBUTE 675
114
115 /*
116 * Published API functions. NOTE, "local" API functions
117 * only valid from the packet-opsi file.
118 */
119 static void decode_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
120 static void decode_ipv4_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
121 static void decode_longint_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
122 static void decode_value_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
123 static void decode_time_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length);
124 /******* *******/
125
126 /* Initialize the protocol and registered fields */
127 static int proto_opsi;
128 static int hf_opsi_major_version;
129 static int hf_opsi_minor_version;
130 static int hf_opsi_opcode;
131 static int hf_opsi_hook_id;
132 static int hf_opsi_length;
133 static int hf_opsi_session_id;
134 static int hf_user_name_att;
135 static int hf_password_att;
136 static int hf_chap_password_att;
137 static int hf_nas_ip_add_att;
138 static int hf_nas_port_att;
139 static int hf_service_type_att;
140 static int hf_framed_protocol_att;
141 static int hf_framed_address_att;
142 static int hf_framed_netmask_att;
143 static int hf_framed_routing_att;
144 static int hf_framed_filter_att;
145 static int hf_framed_mtu_att;
146 static int hf_framed_compression_att;
147 static int hf_called_station_att;
148 static int hf_calling_station_att;
149 static int hf_nas_identifier_att;
150 static int hf_accounting_att;
151 static int hf_acct_session_id_att;
152 static int hf_chap_challenge_att;
153 static int hf_nas_port_type_att;
154 static int hf_designation_num_att;
155 static int hf_nas_port_id_att;
156 static int hf_smc_aaa_id_att;
157 static int hf_smc_vpn_id_att;
158 static int hf_smc_vpn_name_att;
159 static int hf_smc_ran_id_att;
160 static int hf_smc_ran_ip_att;
161 static int hf_smc_ran_name_att;
162 static int hf_smc_pop_id_att;
163 static int hf_smc_pop_name_att;
164 static int hf_smc_id_att;
165 static int hf_smc_receive_time_att;
166 static int hf_smc_stat_time_att;
167 static int hf_opsi_flags_att;
168 static int hf_opsi_application_name_att;
169 static int hf_opsi_attribute_length;
170
171 /* Initialize the subtree pointers */
172 static int ett_opsi;
173 static int ett_opsi_user_name;
174 static int ett_opsi_user_password;
175 static int ett_opsi_chap_password;
176 static int ett_opsi_nas_ip_address;
177 static int ett_opsi_nas_port;
178 static int ett_opsi_service_type;
179 static int ett_opsi_framed_protocol;
180 static int ett_opsi_framed_address;
181 static int ett_opsi_framed_netmask;
182 static int ett_opsi_framed_routing;
183 static int ett_opsi_framed_filter;
184 static int ett_opsi_framed_mtu;
185 static int ett_opsi_framed_compression;
186 static int ett_opsi_called_station_id;
187 static int ett_opsi_calling_station_id;
188 static int ett_opsi_nas_identifier;
189 static int ett_opsi_accounting;
190 static int ett_opsi_acct_session_id;
191 static int ett_opsi_chap_challenge;
192 static int ett_opsi_nas_port_type;
193 static int ett_opsi_designation_number;
194 static int ett_opsi_nas_port_id;
195 static int ett_opsi_smc_aaa_id;
196 static int ett_opsi_smc_vpn_id;
197 static int ett_opsi_smc_vpn_name;
198 static int ett_opsi_smc_ran_id;
199 static int ett_opsi_smc_ran_ip;
200 static int ett_opsi_smc_ran_name;
201 static int ett_opsi_smc_pop_id;
202 static int ett_opsi_smc_pop_name;
203 static int ett_opsi_smc_id;
204 static int ett_opsi_smc_receive_time;
205 static int ett_opsi_smc_stat_time;
206 static int ett_opsi_flags;
207 static int ett_opsi_application_name;
208
209 static expert_field ei_opsi_unknown_attribute;
210 static expert_field ei_opsi_short_attribute;
211 static expert_field ei_opsi_short_frame;
212
213 /* Code mapping */
214 static const value_string opsi_opcode[] = {
215 { DISCOVER_REQUEST, "Discover Request" },
216 { DISCOVER_RESPONSE, "Discover Response" },
217 { SERVICE_REQUEST, "Service Request" },
218 { SERVICE_ACCEPT, "Service Accept" },
219 { SERVICE_REJECT, "Service Reject" },
220 { TERMINATE_REQUEST, "Terminate Request" },
221 { 0, NULL }
222 };
223
224 static const value_string opsi_service_type_code[] = {
225 { 1, "Login" },
226 { 2, "Framed" },
227 { 3, "Callback Login" },
228 { 4, "Callback Framed" },
229 { 5, "Outbound" },
230 { 6, "Administrative" },
231 { 7, "NAS Prompt" },
232 { 8, "Authenticate Only" },
233 { 9, "Callback NAS Prompt" },
234 { 0, NULL }
235 };
236
237 static const value_string opsi_framed_protocol_code[] = {
238 { 1, "PPP" },
239 { 2, "SLIP" },
240 { 3, "AppleTalk Remote Access Protocol (ARAP)" },
241 { 4, "Gandalf proprietary SingleLink/MultiLink protocol" },
242 { 5, "Xylogics proprietary IPX/SLIP" },
243 { 255, "Ascend ARA" },
244 { 256, "MPP" },
245 { 257, "EURAW" },
246 { 258, "EUUI" },
247 { 259, "X25" },
248 { 260, "COMB" },
249 { 261, "FR" },
250 { 262, "MP" },
251 { 263, "FR-CIR"},
252 { 0, NULL }
253 };
254
255 static const value_string opsi_framed_routing_code[] = {
256 { 0, "None" },
257 { 1, "Broadcast" },
258 { 2, "Listen" },
259 { 3, "Broadcast-Listen" },
260 { 4, "Broadcast V2" },
261 { 5, "Listen V2" },
262 { 6, "Broadcast-Listen V2" },
263 { 0, NULL },
264 };
265
266 static const value_string opsi_framed_compression_code[] = {
267 { 0, "None" },
268 { 1, "Van Jacobsen TCP/IP" },
269 { 2, "IPX header compression" },
270 { 0, NULL }
271 };
272
273 static const value_string opsi_nas_port_type_code[] = {
274 { 0, "Async" },
275 { 1, "Sync" },
276 { 2, "ISDN Sync" },
277 { 3, "ISDN Async V.120" },
278 { 4, "ISDN Async V.110" },
279 { 5, "Virtual" },
280 { 6, "PIAFS" },
281 { 7, "HDLC Clear Channel" },
282 { 8, "X.25" },
283 { 9, "X.75" },
284 { 10, "G.3 Fax" },
285 { 11, "SDSL - Symmetric DSL" },
286 { 12, "ADSL-CAP - Asymmetric DSL, Carrierless Amplitude Phase Modulation" },
287 { 13, "ADSL-DMT - Asymmetric DSL, Discrete Multi-Tone" },
288 { 14, "IDSL - ISDN Digital Subscriber Line" },
289 { 15, "Ethernet" },
290 { 16, "xDSL - Digital Subscriber Line of unknown type" },
291 { 17, "Cable" },
292 { 18, "Wireless - Other" },
293 { 19, "Wireless - IEEE 802.11" },
294 { 201, "Voice over IP" },
295 { 0, NULL }
296 };
297
298
299 /* Structure used to decode OPSI frame attributes */
300 /* CAUTION : it is compulsory to sort this array */
301 /* (first argument of the opsi_attribute_handle_t) */
302 /* in ascending order */
303 /* */
304 static opsi_attribute_handle_t opsi_attributes[] = {
305 { USER_NAME_ATTRIBUTE, /* 1 */
306 "User name attribute", &ett_opsi_user_name, &hf_user_name_att, decode_string_attribute },
307 { USER_PASSWD_ATTRIBUTE, /* 2 */
308 "User password attribute" , &ett_opsi_user_password, &hf_password_att, decode_string_attribute },
309 { CHAP_PASSWD_ATTRIBUTE, /* 3 */
310 "CHAP password attribute", &ett_opsi_chap_password, &hf_chap_password_att, decode_string_attribute },
311 { NAS_IP_ADDRESS_ATTRIBUTE, /* 4 */
312 "NAS IP address attribute", &ett_opsi_nas_ip_address, &hf_nas_ip_add_att, decode_ipv4_attribute },
313 {NAS_PORT_ATTRIBUTE, /* 5 */
314 "NAS port attribute", &ett_opsi_nas_port, &hf_nas_port_att, decode_longint_attribute },
315 {SERVICE_TYPE_ATTRIBUTE, /* 6 */
316 "Service type attribute", &ett_opsi_service_type, &hf_service_type_att, decode_value_string_attribute },
317 {FRAMED_PROTOCOL_ATTRIBUTE, /* 7 */
318 "Framed protocol attribute", &ett_opsi_framed_protocol, &hf_framed_protocol_att, decode_value_string_attribute },
319 {FRAMED_ADDRESS_ATTRIBUTE, /* 8 */
320 "Framed address attribute", &ett_opsi_framed_address, &hf_framed_address_att, decode_ipv4_attribute },
321 {FRAMED_NETMASK_ATTRIBUTE, /* 9 */
322 "Framed netmask attribute", &ett_opsi_framed_netmask, &hf_framed_netmask_att, decode_ipv4_attribute },
323 {FRAMED_ROUTING_ATTRIBUTE, /* 10 */
324 "Framed routing attribute", &ett_opsi_framed_routing, &hf_framed_routing_att, decode_value_string_attribute },
325 {FRAMED_FILTER_ATTRIBUTE, /* 11 */
326 "Framed filter attribute", &ett_opsi_framed_filter, &hf_framed_filter_att, decode_string_attribute },
327 {FRAMED_MTU_ATTRIBUTE, /* 12 */
328 "Framed MTU attribute", &ett_opsi_framed_mtu, &hf_framed_mtu_att, decode_longint_attribute },
329 {FRAMED_COMPRESSION_ATTRIBUTE, /* 13 */
330 "Framed compression attribute", &ett_opsi_framed_compression, &hf_framed_compression_att, decode_value_string_attribute },
331 {CALLED_STATION_ID_ATTRIBUTE, /* 30 */
332 "Called station ID attribute", &ett_opsi_called_station_id, &hf_called_station_att, decode_string_attribute },
333 {CALLING_STATION_ID_ATTRIBUTE, /* 31 */
334 "Calling station ID attribute", &ett_opsi_calling_station_id, &hf_calling_station_att, decode_string_attribute },
335 {NAS_IDENTIFIER, /* 32 */
336 "NAS Identifier attribute", &ett_opsi_nas_identifier, &hf_nas_identifier_att, decode_string_attribute },
337 {ACCOUNTING_40_ATTRIBUTE, /* 40 */
338 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
339 {ACCOUNTING_41_ATTRIBUTE, /* 41 */
340 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
341 {ACCOUNTING_42_ATTRIBUTE, /* 42 */
342 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
343 {ACCOUNTING_43_ATTRIBUTE, /* 43 */
344 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
345 {ACCOUNTING_SESSION_ID_ATTRIBUTE, /* 44 */
346 "Accounting session ID attribute", &ett_opsi_acct_session_id, &hf_acct_session_id_att, decode_string_attribute },
347 {ACCOUNTING_45_ATTRIBUTE, /* 45 */
348 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
349 {ACCOUNTING_46_ATTRIBUTE, /* 46 */
350 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
351 {ACCOUNTING_47_ATTRIBUTE, /* 47 */
352 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
353 {ACCOUNTING_48_ATTRIBUTE, /* 48 */
354 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
355 {ACCOUNTING_49_ATTRIBUTE, /* 49 */
356 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
357 {ACCOUNTING_50_ATTRIBUTE, /* 50 */
358 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
359 {ACCOUNTING_51_ATTRIBUTE, /* 51 */
360 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
361 {ACCOUNTING_52_ATTRIBUTE, /* 52 */
362 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
363 {ACCOUNTING_53_ATTRIBUTE, /* 53 */
364 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
365 {ACCOUNTING_54_ATTRIBUTE, /* 54 */
366 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
367 {ACCOUNTING_55_ATTRIBUTE, /* 55 */
368 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
369 {ACCOUNTING_56_ATTRIBUTE, /* 56 */
370 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
371 {ACCOUNTING_57_ATTRIBUTE, /* 57 */
372 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
373 {ACCOUNTING_58_ATTRIBUTE, /* 58 */
374 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
375 {ACCOUNTING_59_ATTRIBUTE, /* 59 */
376 "Accounting attribute", &ett_opsi_accounting, &hf_accounting_att, decode_string_attribute },
377 {CHAP_CHALLENGE_ATTRIBUTE, /* 60 */
378 "CHAP challenge", &ett_opsi_chap_challenge, &hf_chap_challenge_att, decode_string_attribute },
379 {NAS_PORT_TYPE_ATTRIBUTE, /* 61 */
380 "NAS port type attribute", &ett_opsi_nas_port_type, &hf_nas_port_type_att, decode_value_string_attribute },
381 {DESIGNATION_NUMBER_ATTRIBUTE, /* 77 */
382 "Designation number attribute", &ett_opsi_designation_number, &hf_designation_num_att, decode_string_attribute },
383 {NAS_PORT_ID_ATTRIBUTE, /* 87 */
384 "NAS port ID attribute", &ett_opsi_nas_port_id, &hf_nas_port_id_att, decode_string_attribute },
385 {SMC_AAAID_ATTRIBUTE, /* 651 */
386 "SMC AAA ID attribute", &ett_opsi_smc_aaa_id, &hf_smc_aaa_id_att, decode_longint_attribute },
387 {SMC_VPNID_ATTRIBUTE, /* 652 */
388 "SMC VPN ID attribute", &ett_opsi_smc_vpn_id, &hf_smc_vpn_id_att, decode_longint_attribute },
389 {SMC_VPNNAME_ATTRIBUTE, /* 653 */
390 "SMC VPN name attribute", &ett_opsi_smc_vpn_name, &hf_smc_vpn_name_att, decode_string_attribute },
391 {SMC_RANID_ATTRIBUTE, /* 654 */
392 "SMC RAN ID attribute", &ett_opsi_smc_ran_id, &hf_smc_ran_id_att, decode_longint_attribute },
393 {SMC_RANIP_ATTRIBUTE, /* 655 */
394 "SMC RAN IP attribute", &ett_opsi_smc_ran_ip, &hf_smc_ran_ip_att, decode_ipv4_attribute },
395 {SMC_RANNAME_ATTRIBUTE, /* 656 */
396 "SMC RAN name attribute", &ett_opsi_smc_ran_name, &hf_smc_ran_name_att, decode_string_attribute },
397 {SMC_POPID_ATTRIBUTE, /* 657 */
398 "SMC POP ID attribute", &ett_opsi_smc_pop_id, &hf_smc_pop_id_att, decode_longint_attribute },
399 {SMC_POPNAME_ATTRIBUTE, /* 658 */
400 "SMC POP name attribute", &ett_opsi_smc_pop_name, &hf_smc_pop_name_att, decode_string_attribute },
401 {SMC_SMCID_ATTRIBUTE, /* 659 */
402 "SMC ID attribute", &ett_opsi_smc_id, &hf_smc_id_att, decode_longint_attribute },
403 {SMC_RECEIVE_TIME_ATTRIBUTE, /* 660 */
404 "SMC receive time attribute", &ett_opsi_smc_receive_time, &hf_smc_receive_time_att, decode_time_attribute },
405 {SMC_STAT_TIME_ATTRIBUTE, /* 661 */
406 "SMC stat time attribute", &ett_opsi_smc_stat_time, &hf_smc_stat_time_att, decode_longint_attribute },
407 {OPSI_FLAGS_ATTRIBUTE, /* 674 */
408 "OPSI flags attribute", &ett_opsi_flags, &hf_opsi_flags_att, decode_longint_attribute },
409 {OPSI_APPLICATION_NAME_ATTRIBUTE, /* 675 */
410 "OPSI application name attribute", &ett_opsi_application_name, &hf_opsi_application_name_att, decode_string_attribute },
411
412 };
413 #define OPSI_ATTRIBUTES_COUNT array_length(opsi_attributes)
414
415 /* Desegmentation of OPSI (over TCP) */
416 static bool opsi_desegment = true;
417
418 static void
419 decode_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
420 {
421 if (length < 4) {
422 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
423 return;
424 }
425
426 proto_tree_add_item(tree, *hfValue, tvb, offset+4, length-4, ENC_ASCII|ENC_NA);
427 }
428
429
430 static void
431 decode_ipv4_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
432 {
433 if (length < 8) {
434 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
435 return;
436 }
437 proto_tree_add_item(tree, *hfValue, tvb, offset+4, 4, ENC_BIG_ENDIAN);
438 }
439
440 static void
441 decode_longint_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
442 {
443 if (length < 8) {
444 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
445 return;
446 }
447 proto_tree_add_item(tree, *hfValue, tvb, offset+4, 4, ENC_BIG_ENDIAN);
448 }
449
450 static void
451 decode_value_string_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
452 {
453 if (length < 8) {
454 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
455 return;
456 }
457 proto_tree_add_item(tree, *hfValue, tvb, offset+4, 4, ENC_BIG_ENDIAN);
458 }
459
460 static void
461 decode_time_attribute(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, int* hfValue, int offset, int length)
462 {
463 if (length < 8) {
464 expert_add_info(pinfo, item, &ei_opsi_short_attribute);
465 return;
466 }
467 proto_tree_add_item(tree, *hfValue, tvb, offset+4, 4, ENC_TIME_SECS|ENC_BIG_ENDIAN);
468 }
469
470 /****************************************************************************/
471 /********** End of attribute decoding ***************************************/
472 /****************************************************************************/
473
474 /* To find the correct size of the PDU. Needed by the desegmentation feature*/
475 static unsigned
476 get_opsi_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_)
477 {
478 /*
479 * Get the length of the OPSI packet.
480 * We are guaranteed there're enough chars in tvb in order to
481 * extract the length value. No exception thrown !!
482 */
483 return tvb_get_ntohs(tvb, offset + 4);
484 }
485
486 static int
487 // NOLINTNEXTLINE(misc-no-recursion)
488 get_opsi_attribute_index(packet_info *pinfo, int min, int max, int attribute_type)
489 {
490 int middle, at;
491
492 middle = (min+max)/2;
493 at = opsi_attributes[middle].attribute_type;
494 if (at == attribute_type) return middle;
495 int attr_idx;
496 increment_dissection_depth(pinfo);
497 if (attribute_type > at) {
498 attr_idx = (middle == max) ? -1 : get_opsi_attribute_index(pinfo, middle+1, max, attribute_type);
499 } else {
500 attr_idx = (middle == min) ? -1 : get_opsi_attribute_index(pinfo, min, middle-1, attribute_type);
501 }
502 decrement_dissection_depth(pinfo);
503 return attr_idx;
504 }
505
506
507 static void
508 dissect_attributes(tvbuff_t *tvb, packet_info *pinfo, proto_tree *opsi_tree, int offset, int length)
509 {
510 int i;
511 int attribute_type;
512 int attribute_length;
513 proto_item *ti;
514 proto_tree *ntree = NULL;
515
516 while (length >= 4) {
517 attribute_type = tvb_get_ntohs(tvb, offset);
518 attribute_length = tvb_get_ntohs(tvb, offset+2);
519 if (attribute_length > length) break;
520 /* We perform a standard log(n) lookup */
521 i = get_opsi_attribute_index(pinfo, 0, OPSI_ATTRIBUTES_COUNT-1, attribute_type);
522 if (i == -1) {
523 proto_tree_add_expert_format(opsi_tree, pinfo, &ei_opsi_unknown_attribute, tvb, offset, attribute_length,
524 "Unknown attribute (%d)", attribute_type);
525 }
526 else {
527 ntree = proto_tree_add_subtree_format(opsi_tree, tvb, offset, attribute_length, *opsi_attributes[i].tree_id, &ti,
528 "%s (%d)", opsi_attributes[i].tree_text, attribute_type);
529 proto_tree_add_item(ntree, hf_opsi_attribute_length, tvb, offset+2, 2, ENC_BIG_ENDIAN);
530 opsi_attributes[i].dissect(tvb, pinfo, ntree, ti, opsi_attributes[i].hf_type_attribute, offset, attribute_length);
531 }
532 if (attribute_length < 4) {
533 /* Length must be at least 4, for the type and length. */
534 break;
535 }
536 offset += attribute_length;
537 length -= attribute_length;
538 }
539 if (length) {
540 proto_tree_add_expert(opsi_tree, pinfo, &ei_opsi_short_frame, tvb, offset, -1);
541 }
542 }
543
544 static int
545 dissect_opsi_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
546 {
547 proto_item *ti;
548 proto_tree *opsi_tree;
549
550 col_set_str(pinfo->cinfo, COL_PROTOCOL, "OPSI");
551 col_clear(pinfo->cinfo, COL_INFO);
552
553 col_append_sep_str(pinfo->cinfo, COL_INFO, ", ",
554 val_to_str(tvb_get_uint8(tvb, CODE_OFFSET), opsi_opcode,
555 "<Unknown opcode %d>"));
556 col_set_fence(pinfo->cinfo, COL_INFO);
557
558 ti = proto_tree_add_item(tree, proto_opsi, tvb, 0, -1, ENC_NA);
559 opsi_tree = proto_item_add_subtree(ti, ett_opsi);
560
561 if (opsi_tree) {
562 proto_tree_add_item(opsi_tree, hf_opsi_major_version, tvb, MAJOR_VERSION_OFFSET, 1, ENC_BIG_ENDIAN);
563 proto_tree_add_item(opsi_tree, hf_opsi_minor_version, tvb, MINOR_VERSION_OFFSET, 1, ENC_BIG_ENDIAN);
564 proto_tree_add_item(opsi_tree, hf_opsi_opcode, tvb, CODE_OFFSET, 1, ENC_BIG_ENDIAN);
565 proto_tree_add_item(opsi_tree, hf_opsi_hook_id, tvb, HOOK_ID_OFFSET, 1, ENC_BIG_ENDIAN);
566 proto_tree_add_item(opsi_tree, hf_opsi_length, tvb, PACKET_LENGTH_OFFSET, 2, ENC_BIG_ENDIAN);
567 proto_tree_add_item(opsi_tree, hf_opsi_session_id, tvb, SESSION_OFFSET, 2, ENC_BIG_ENDIAN);
568 }
569
570 dissect_attributes(tvb, pinfo, opsi_tree, HEADER_LENGTH, MIN(((int)tvb_reported_length(tvb)-HEADER_LENGTH), (tvb_get_ntohs(tvb, PACKET_LENGTH_OFFSET)-HEADER_LENGTH)));
571 return tvb_reported_length(tvb);
572 }
573
574
575 static int
576 dissect_opsi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data)
577 {
578 /* We should minimally grab the header */
579 tcp_dissect_pdus(tvb, pinfo, tree, opsi_desegment, HEADER_LENGTH, get_opsi_pdu_len,
580 dissect_opsi_pdu, data);
581 return tvb_reported_length(tvb);
582 }
583
584
585 void
586 proto_register_opsi(void)
587 {
588
589 /* Setup list of header fields See Section 1.6.1 for details*/
590 static hf_register_info hf[] = {
591 { &hf_opsi_major_version,
592 { "Major version", "opsi.major",
593 FT_UINT8, BASE_DEC, NULL, 0x0,
594 NULL, HFILL }
595 },
596 { &hf_opsi_minor_version,
597 { "Minor version", "opsi.minor",
598 FT_UINT8, BASE_DEC, NULL, 0x0,
599 NULL, HFILL }
600 },
601 { &hf_opsi_opcode,
602 { "Operation code", "opsi.opcode",
603 FT_UINT8, BASE_DEC, VALS(opsi_opcode), 0x0,
604 NULL, HFILL }
605 },
606 { &hf_opsi_hook_id,
607 { "Hook ID", "opsi.hook",
608 FT_UINT8, BASE_DEC, NULL, 0x0,
609 NULL, HFILL }
610 },
611 { &hf_opsi_length,
612 { "Message length", "opsi.length",
613 FT_UINT16, BASE_DEC, NULL, 0x0,
614 NULL, HFILL }
615 },
616 { &hf_opsi_session_id,
617 { "Session ID", "opsi.session_id",
618 FT_UINT16, BASE_DEC, NULL, 0x0,
619 NULL, HFILL }
620 },
621 { &hf_user_name_att,
622 { "User name", "opsi.attr.user_name",
623 FT_STRING, BASE_NONE, NULL, 0x00,
624 NULL, HFILL }
625 },
626 { &hf_password_att,
627 { "User password", "opsi.attr.password",
628 FT_STRING, BASE_NONE, NULL, 0x00,
629 NULL, HFILL }
630 },
631 { &hf_chap_password_att,
632 { "CHAP password attribute", "opsi.attr.chap_password",
633 FT_STRING, BASE_NONE, NULL, 0x00,
634 NULL, HFILL }
635 },
636 { &hf_nas_ip_add_att,
637 { "NAS IP address", "opsi.attr.nas_ip_addr",
638 FT_IPv4, BASE_NONE, NULL, 0x00,
639 NULL, HFILL }
640 },
641 { &hf_nas_port_att,
642 { "NAS port", "opsi.attr.nas_port",
643 FT_UINT32, BASE_HEX, NULL, 0x00,
644 NULL, HFILL }
645 },
646 { &hf_service_type_att,
647 { "Service type", "opsi.attr.service_type",
648 FT_UINT32, BASE_DEC, VALS(opsi_service_type_code), 0x0,
649 NULL, HFILL }
650 },
651 { &hf_framed_protocol_att,
652 { "Framed protocol", "opsi.attr.framed_protocol",
653 FT_UINT32, BASE_DEC, VALS(opsi_framed_protocol_code), 0x0,
654 NULL, HFILL }
655 },
656 { &hf_framed_address_att,
657 { "Framed address", "opsi.attr.framed_address",
658 FT_IPv4, BASE_NONE, NULL, 0x00,
659 NULL, HFILL }
660 },
661 { &hf_framed_netmask_att,
662 { "Framed netmask", "opsi.attr.framed_netmask",
663 FT_IPv4, BASE_NETMASK, NULL, 0x00,
664 NULL, HFILL }
665 },
666 { &hf_framed_routing_att,
667 { "Framed routing", "opsi.attr.framed_routing",
668 FT_UINT32, BASE_DEC, VALS(opsi_framed_routing_code), 0x0,
669 NULL, HFILL }
670 },
671 { &hf_framed_filter_att,
672 { "Framed filter", "opsi.attr.framed_filter",
673 FT_STRING, BASE_NONE, NULL, 0x00,
674 NULL, HFILL }
675 },
676 { &hf_framed_mtu_att,
677 { "Framed MTU", "opsi.attr.framed_mtu",
678 FT_UINT32, BASE_DEC, NULL, 0x00,
679 NULL, HFILL }
680 },
681 { &hf_framed_compression_att,
682 { "Framed compression", "opsi.attr.framed_compression",
683 FT_UINT32, BASE_DEC, VALS(opsi_framed_compression_code), 0x0,
684 NULL, HFILL }
685 },
686 { &hf_called_station_att,
687 { "Called station ID", "opsi.attr.called_station_id",
688 FT_STRING, BASE_NONE, NULL, 0x00,
689 NULL, HFILL }
690 },
691 { &hf_calling_station_att,
692 { "Calling station ID", "opsi.attr.calling_station_id",
693 FT_STRING, BASE_NONE, NULL, 0x00,
694 NULL, HFILL }
695 },
696 { &hf_nas_identifier_att,
697 { "NAS ID", "opsi.attr.nas_id",
698 FT_STRING, BASE_NONE, NULL, 0x00,
699 NULL, HFILL }
700 },
701 { &hf_accounting_att,
702 { "Accounting", "opsi.attr.accounting",
703 FT_STRING, BASE_NONE, NULL, 0x00,
704 NULL, HFILL }
705 },
706 { &hf_acct_session_id_att,
707 { "Accounting session ID", "opsi.attr.acct.session_id",
708 FT_STRING, BASE_NONE, NULL, 0x00,
709 NULL, HFILL }
710 },
711 { &hf_chap_challenge_att,
712 { "CHAP challenge", "opsi.attr.chap_challenge",
713 FT_STRING, BASE_NONE, NULL, 0x00,
714 NULL, HFILL }
715 },
716 { &hf_nas_port_type_att,
717 { "NAS port type", "opsi.attr.nas_port_type",
718 FT_UINT32, BASE_DEC, VALS(opsi_nas_port_type_code), 0x0,
719 NULL, HFILL }
720 },
721 { &hf_designation_num_att,
722 { "Designation number", "opsi.attr.designation_number",
723 FT_STRING, BASE_NONE, NULL, 0x00,
724 NULL, HFILL }
725 },
726 { &hf_nas_port_id_att,
727 { "NAS port ID", "opsi.attr.nas_port_id",
728 FT_STRING, BASE_NONE, NULL, 0x00,
729 NULL, HFILL }
730 },
731 { &hf_smc_aaa_id_att,
732 { "SMC AAA ID", "opsi.attr.smc_aaa_id",
733 FT_UINT32, BASE_DEC, NULL, 0x00,
734 NULL, HFILL }
735 },
736 { &hf_smc_vpn_id_att,
737 { "SMC VPN ID", "opsi.attr.smc_vpn_id",
738 FT_UINT32, BASE_DEC, NULL, 0x00,
739 NULL, HFILL }
740 },
741 { &hf_smc_vpn_name_att,
742 { "SMC VPN name", "opsi.attr.smc_vpn_name",
743 FT_STRING, BASE_NONE, NULL, 0x00,
744 NULL, HFILL }
745 },
746 { &hf_smc_ran_id_att,
747 { "SMC RAN ID", "opsi.attr.smc_ran_id",
748 FT_UINT32, BASE_DEC, NULL, 0x00,
749 NULL, HFILL }
750 },
751 { &hf_smc_ran_ip_att,
752 { "SMC RAN IP address", "opsi.attr.smc_ran_ip",
753 FT_IPv4, BASE_NONE, NULL, 0x00,
754 NULL, HFILL }
755 },
756 { &hf_smc_ran_name_att,
757 { "SMC RAN name", "opsi.attr.smc_ran_name",
758 FT_STRING, BASE_NONE, NULL, 0x00,
759 NULL, HFILL }
760 },
761 { &hf_smc_pop_id_att,
762 { "SMC POP id", "opsi.attr.smc_pop_id",
763 FT_UINT32, BASE_DEC, NULL, 0x00,
764 NULL, HFILL }
765 },
766 { &hf_smc_pop_name_att,
767 { "SMC POP name", "opsi.attr.smc_pop_name",
768 FT_STRING, BASE_NONE, NULL, 0x00,
769 NULL, HFILL }
770 },
771 { &hf_smc_id_att,
772 { "SMC ID", "opsi.attr.smc_id",
773 FT_UINT32, BASE_DEC, NULL, 0x00,
774 NULL, HFILL }
775 },
776 { &hf_smc_receive_time_att,
777 { "SMC receive time", "opsi.attr.smc_receive_time",
778 FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x00,
779 NULL, HFILL }
780 },
781 { &hf_smc_stat_time_att,
782 { "SMC stat time", "opsi.attr.smc_stat_time",
783 FT_UINT32, BASE_DEC, NULL, 0x00,
784 NULL, HFILL }
785 },
786 { &hf_opsi_flags_att,
787 { "OPSI flags", "opsi.attr.flags",
788 FT_UINT32, BASE_DEC, NULL, 0x00,
789 NULL, HFILL }
790 },
791 { &hf_opsi_application_name_att,
792 { "OPSI application name", "opsi.attr.application_name",
793 FT_STRING, BASE_NONE, NULL, 0x00,
794 NULL, HFILL }
795 },
796 { &hf_opsi_attribute_length,
797 { "Length", "opsi.attr_length",
798 FT_UINT16, BASE_DEC, NULL, 0x00,
799 NULL, HFILL }
800 },
801 };
802
803 /* Setup protocol subtree array */
804 static int *ett[] = {
805 &ett_opsi,
806 &ett_opsi_user_name,
807 &ett_opsi_user_password,
808 &ett_opsi_chap_password,
809 &ett_opsi_nas_ip_address,
810 &ett_opsi_nas_port,
811 &ett_opsi_service_type,
812 &ett_opsi_framed_protocol,
813 &ett_opsi_framed_address,
814 &ett_opsi_framed_netmask,
815 &ett_opsi_framed_routing,
816 &ett_opsi_framed_filter,
817 &ett_opsi_framed_mtu,
818 &ett_opsi_framed_compression,
819 &ett_opsi_called_station_id,
820 &ett_opsi_calling_station_id,
821 &ett_opsi_nas_identifier,
822 &ett_opsi_accounting,
823 &ett_opsi_acct_session_id,
824 &ett_opsi_chap_challenge,
825 &ett_opsi_nas_port_type,
826 &ett_opsi_designation_number,
827 &ett_opsi_nas_port_id,
828 &ett_opsi_smc_aaa_id,
829 &ett_opsi_smc_vpn_id,
830 &ett_opsi_smc_vpn_name,
831 &ett_opsi_smc_ran_id,
832 &ett_opsi_smc_ran_ip,
833 &ett_opsi_smc_ran_name,
834 &ett_opsi_smc_pop_id,
835 &ett_opsi_smc_pop_name,
836 &ett_opsi_smc_id,
837 &ett_opsi_smc_receive_time,
838 &ett_opsi_smc_stat_time,
839 &ett_opsi_flags,
840 &ett_opsi_application_name,
841 };
842
843 static ei_register_info ei[] = {
844 { &ei_opsi_unknown_attribute, { "opsi.attr_unknown", PI_PROTOCOL, PI_WARN, "Unknown attribute", EXPFILL }},
845 { &ei_opsi_short_attribute, { "opsi.attr_too_short", PI_MALFORMED, PI_WARN, "Too short attribute!", EXPFILL }},
846 { &ei_opsi_short_frame, { "opsi.short_frame", PI_MALFORMED, PI_WARN, "Short frame", EXPFILL }},
847 };
848
849 /* For desegmentation / reassembly */
850 module_t *opsi_module;
851 expert_module_t* expert_opsi;
852
853 /* Register the protocol name and description */
854 proto_opsi = proto_register_protocol("Open Policy Service Interface", "OPSI", "opsi");
855
856 /* Required function calls to register the header fields and subtrees used */
857 proto_register_field_array(proto_opsi, hf, array_length(hf));
858 proto_register_subtree_array(ett, array_length(ett));
859 expert_opsi = expert_register_protocol(proto_opsi);
860 expert_register_field_array(expert_opsi, ei, array_length(ei));
861
862 /* We activate the desegmentation / reassembly feature */
863 opsi_module = prefs_register_protocol(proto_opsi, NULL);
864 prefs_register_bool_preference(opsi_module, "desegment_opsi_messages",
865 "Reassemble OPSI messages spanning multiple TCP segments",
866 "Whether the OPSI dissector should desegment all messages spanning multiple TCP segments",
867 &opsi_desegment);
868
869 /* Register the dissector */
870 opsi_handle = register_dissector("opsi", dissect_opsi, proto_opsi);
871 }
872
873
874 void
875 proto_reg_handoff_opsi(void)
876 {
877 dissector_add_uint_with_preference("tcp.port", TCP_PORT_OPSI, opsi_handle);
878 }
879
880 /*
881 * Editor modelines - https://www.wireshark.org/tools/modelines.html
882 *
883 * Local variables:
884 * c-basic-offset: 8
885 * tab-width: 8
886 * indent-tabs-mode: t
887 * End:
888 *
889 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
890 * :indentSize=8:tabSize=8:noTabs=false:
891 */
Metzes wireshark repo