search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
epan/dissectors/pidl/ C99 drsuapi
[wireshark-sm.git] / epan / dissectors / packet-sap.c
blob244e2b86df69805a7982602470c172441e231205
1 /* packet-sap.c
2 * Routines for sap packet dissection
3 * RFC 2974
4 *
5 * Heikki Vatiainen <hessu@cs.tut.fi>
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
10 *
11 * Copied from packet-tftp.c
12 *
13 * SPDX-License-Identifier: GPL-2.0-or-later
14 */
15
16 #include "config.h"
17
18 #include <epan/packet.h>
19 #include <epan/expert.h>
20 #include <epan/tfs.h>
21 #include <wsutil/array.h>
22
23 #define UDP_PORT_SAP 9875
24
25 #define MCAST_SAP_VERSION_MASK 0xE0 /* 3 bits for SAP version*/
26 #define MCAST_SAP_VERSION_SHIFT 5 /* Right shift 5 bits to get the version */
27 #define MCAST_SAP_VER0 0 /* Version 0 */
28 #define MCAST_SAP_VER1PLUS 1 /* Version 1 or later */
29
30 void proto_register_sap(void);
31 void proto_reg_handoff_sap(void);
32
33 static dissector_handle_t sap_handle;
34
35 static const value_string mcast_sap_ver[] = {
36 { MCAST_SAP_VER0, "SAPv0"},
37 { MCAST_SAP_VER1PLUS, "SAPv1 or later"},
38 { 0, NULL}
39 };
40
41 static const true_false_string mcast_sap_address_type = {"IPv6", "IPv4"};
42 static const true_false_string mcast_sap_message_type = { "Deletion", "Announcement"};
43 static const true_false_string mcast_sap_crypt_type = { "Payload encrypted", "Payload not encrypted"};
44 static const true_false_string mcast_sap_comp_type = { "Payload compressed", "Payload not compressed"};
45
46 static const value_string mcast_sap_auth_ver[] = {
47 { 1, "SAP authentication header v1"},
48 { 0, NULL}
49 };
50
51 static const true_false_string mcast_sap_auth_pad = {
52 "Authentication subheader padded to 32 bits",
53 "No padding required for the authentication subheader"
54 };
55
56 #define MCAST_SAP_AUTH_TYPE_MASK 0x0F /* 4 bits for the type of the authentication header */
57 #define MCAST_SAP_AUTH_TYPE_PGP 0
58 #define MCAST_SAP_AUTH_TYPE_CMS 1
59 static const value_string mcast_sap_auth_type[] = {
60 { MCAST_SAP_AUTH_TYPE_PGP, "PGP"},
61 { MCAST_SAP_AUTH_TYPE_CMS, "CMS"},
62 { 0, NULL}
63 };
64
65 #define MCAST_SAP_BIT_A 0x10 /* Address type: 0 IPv4, 1 IPv6 */
66 #define MCAST_SAP_BIT_R 0x08 /* Reserved: Must be 0 */
67 #define MCAST_SAP_BIT_T 0x04 /* Message Type: 0 announcement, 1 deletion */
68 #define MCAST_SAP_BIT_E 0x02 /* Encryption Bit: 1 payload encrypted */
69 #define MCAST_SAP_BIT_C 0x01 /* Compressed Bit: 1 payload zlib compressed */
70
71 #define MCAST_SAP_AUTH_BIT_P 0x10 /* Padding required for the authentication header */
72
73
74 static int proto_sap;
75 static int hf_sap_flags;
76 static int hf_sap_flags_v;
77 static int hf_sap_flags_a;
78 static int hf_sap_flags_r;
79 static int hf_sap_flags_t;
80 static int hf_sap_flags_e;
81 static int hf_sap_flags_c;
82 static int hf_auth_data;
83 static int hf_auth_flags;
84 static int hf_auth_flags_v;
85 static int hf_auth_flags_p;
86 static int hf_auth_flags_t;
87 /* Generated from convert_proto_tree_add_text.pl */
88 static int hf_sap_auth_len;
89 static int hf_sap_originating_source_ipv4;
90 static int hf_sap_auth_data_padding;
91 static int hf_sap_auth_subheader;
92 static int hf_sap_originating_source_ipv6;
93 static int hf_sap_message_identifier_hash;
94 static int hf_sap_auth_data_padding_len;
95 static int hf_sap_payload_type;
96
97 static int ett_sap;
98 static int ett_sap_flags;
99 static int ett_sap_auth;
100 static int ett_sap_authf;
101
102 static expert_field ei_sap_compressed_and_encrypted;
103 static expert_field ei_sap_encrypted;
104 static expert_field ei_sap_compressed;
105 /* Generated from convert_proto_tree_add_text.pl */
106 static expert_field ei_sap_bogus_authentication_or_pad_length;
107
108 static dissector_handle_t sdp_handle;
109
110 static int
111 dissect_sap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
112 {
113 int offset = 0;
114 int sap_version, is_ipv6, is_del, is_enc, is_comp, addr_len;
115 uint8_t vers_flags;
116 uint8_t auth_len;
117 uint8_t auth_flags;
118 tvbuff_t *next_tvb;
119
120 proto_item *si, *sif;
121 proto_tree *sap_tree = NULL, *sap_flags_tree;
122
123 col_set_str(pinfo->cinfo, COL_PROTOCOL, "SAP");
124 col_clear(pinfo->cinfo, COL_INFO);
125
126 vers_flags = tvb_get_uint8(tvb, offset);
127 is_ipv6 = vers_flags&MCAST_SAP_BIT_A;
128 is_del = vers_flags&MCAST_SAP_BIT_T;
129 is_enc = vers_flags&MCAST_SAP_BIT_E;
130 is_comp = vers_flags&MCAST_SAP_BIT_C;
131
132 sap_version = (vers_flags&MCAST_SAP_VERSION_MASK)>>MCAST_SAP_VERSION_SHIFT;
133 addr_len = (is_ipv6) ? (int)sizeof(ws_in6_addr) : 4;
134
135 col_add_fstr(pinfo->cinfo, COL_INFO, "%s (v%u)",
136 (is_del) ? "Deletion" : "Announcement", sap_version);
137
138 if (tree) {
139 si = proto_tree_add_item(tree, proto_sap, tvb, offset, -1, ENC_NA);
140 sap_tree = proto_item_add_subtree(si, ett_sap);
141
142 sif = proto_tree_add_item(sap_tree, hf_sap_flags, tvb, offset, 1, ENC_BIG_ENDIAN);
143 sap_flags_tree = proto_item_add_subtree(sif, ett_sap_flags);
144 proto_tree_add_item(sap_flags_tree, hf_sap_flags_v, tvb, offset, 1, ENC_BIG_ENDIAN);
145 proto_tree_add_item(sap_flags_tree, hf_sap_flags_a, tvb, offset, 1, ENC_NA);
146 proto_tree_add_item(sap_flags_tree, hf_sap_flags_r, tvb, offset, 1, ENC_NA);
147 proto_tree_add_item(sap_flags_tree, hf_sap_flags_t, tvb, offset, 1, ENC_NA);
148 proto_tree_add_item(sap_flags_tree, hf_sap_flags_e, tvb, offset, 1, ENC_NA);
149 proto_tree_add_item(sap_flags_tree, hf_sap_flags_c, tvb, offset, 1, ENC_NA);
150 }
151
152 offset++;
153
154 auth_len = tvb_get_uint8(tvb, offset);
155 proto_tree_add_item(sap_tree, hf_sap_auth_len, tvb, offset, 1, ENC_BIG_ENDIAN);
156 offset++;
157
158 proto_tree_add_item(sap_tree, hf_sap_message_identifier_hash, tvb, offset, 2, ENC_BIG_ENDIAN);
159 offset +=2;
160
161 if (is_ipv6)
162 proto_tree_add_item(sap_tree, hf_sap_originating_source_ipv6, tvb, offset, addr_len, ENC_NA);
163 else
164 proto_tree_add_item(sap_tree, hf_sap_originating_source_ipv4, tvb, offset, addr_len, ENC_BIG_ENDIAN);
165 offset += addr_len;
166
167 /* Authentication data lives in its own subtree */
168 if (auth_len > 0) {
169 uint32_t auth_data_len;
170 proto_item *sdi, *sai;
171 proto_tree *sa_tree, *saf_tree;
172 int has_pad;
173 uint8_t pad_len = 0;
174
175 auth_data_len = (uint32_t)(auth_len * sizeof(uint32_t));
176
177 sdi = proto_tree_add_item(sap_tree, hf_auth_data, tvb, offset, auth_data_len, ENC_NA);
178 sa_tree = proto_item_add_subtree(sdi, ett_sap_auth);
179
180 auth_flags = tvb_get_uint8(tvb, offset);
181 sai = proto_tree_add_item(sa_tree, hf_auth_flags, tvb, offset, 1, ENC_BIG_ENDIAN);
182 saf_tree = proto_item_add_subtree(sai, ett_sap_authf);
183 proto_tree_add_item(saf_tree, hf_auth_flags_v, tvb, offset, 1, ENC_BIG_ENDIAN);
184 proto_tree_add_item(saf_tree, hf_auth_flags_p, tvb, offset, 1, ENC_NA);
185 proto_tree_add_item(saf_tree, hf_auth_flags_t, tvb, offset, 1, ENC_BIG_ENDIAN);
186
187 has_pad = auth_flags&MCAST_SAP_AUTH_BIT_P;
188 if (has_pad) {
189 pad_len = tvb_get_uint8(tvb, offset+auth_data_len-1);
190 }
191
192 if ((int) auth_data_len - pad_len - 1 < 0) {
193 expert_add_info_format(pinfo, sai, &ei_sap_bogus_authentication_or_pad_length,
194 "Bogus authentication length (%d) or pad length (%d)", auth_len, pad_len);
195 return tvb_captured_length(tvb);
196 }
197
198
199 proto_tree_add_item(sa_tree, hf_sap_auth_subheader, tvb, offset+1, auth_data_len-pad_len-1, ENC_NA);
200 if (has_pad) {
201 proto_tree_add_item(sa_tree, hf_sap_auth_data_padding_len, tvb, offset+auth_data_len-1, 1, ENC_BIG_ENDIAN);
202 proto_tree_add_item(sa_tree, hf_sap_auth_data_padding, tvb, offset+auth_data_len-pad_len, pad_len, ENC_NA);
203 }
204
205 offset += auth_data_len;
206 }
207
208 if (is_enc || is_comp) {
209 expert_field *mangle;
210 if (is_enc && is_comp)
211 mangle = &ei_sap_compressed_and_encrypted;
212 else if (is_enc)
213 mangle = &ei_sap_encrypted;
214 else
215 mangle = &ei_sap_compressed;
216
217 proto_tree_add_expert(sap_tree, pinfo, mangle, tvb, offset, -1);
218 return tvb_captured_length(tvb);
219 }
220
221 if (tree) {
222 /* Do we have the optional payload type aka. MIME content specifier */
223 if (tvb_strneql(tvb, offset, "v=", strlen("v="))) {
224 int remaining_len;
225 uint32_t pt_len;
226 int pt_string_len;
227 uint8_t* pt_str;
228
229 remaining_len = tvb_captured_length_remaining(tvb, offset);
230 if (remaining_len == 0) {
231 /*
232 * "tvb_strneql()" failed because there was no
233 * data left in the packet.
234 *
235 * Set the remaining length to 1, so that
236 * we throw the appropriate exception in
237 * "tvb_get_ptr()", rather than displaying
238 * the payload type.
239 */
240 remaining_len = 1;
241 }
242
243 pt_string_len = tvb_strnlen(tvb, offset, remaining_len);
244 if (pt_string_len == -1) {
245 /*
246 * We didn't find a terminating '\0'; run to the
247 * end of the buffer.
248 */
249 pt_string_len = remaining_len;
250 pt_len = pt_string_len;
251 } else {
252 /*
253 * Include the '\0' in the total item length.
254 */
255 pt_len = pt_string_len + 1;
256 }
257
258 pt_str = tvb_get_string_enc(pinfo->pool, tvb, offset, pt_string_len, ENC_ASCII);
259 proto_tree_add_string_format_value(sap_tree, hf_sap_payload_type, tvb, offset, pt_len,
260 pt_str, "%s", pt_str);
261 offset += pt_len;
262 }
263 }
264
265 /* Done with SAP */
266 next_tvb = tvb_new_subset_remaining(tvb, offset);
267 call_dissector(sdp_handle, next_tvb, pinfo, tree);
268 return tvb_captured_length(tvb);
269 }
270
271 void proto_register_sap(void)
272 {
273
274 static hf_register_info hf[] = {
275 { &hf_sap_flags,
276 { "Flags", "sap.flags",
277 FT_UINT8, BASE_HEX, NULL, 0x0,
278 "Bits in the beginning of the SAP header", HFILL }},
279
280 { &hf_sap_flags_v,
281 { "Version Number", "sap.flags.v",
282 FT_UINT8, BASE_DEC, VALS(mcast_sap_ver), MCAST_SAP_VERSION_MASK,
283 "3 bit version field in the SAP header", HFILL }},
284
285 { &hf_sap_flags_a,
286 { "Address Type", "sap.flags.a",
287 FT_BOOLEAN, 8, TFS(&mcast_sap_address_type), MCAST_SAP_BIT_A,
288 "Originating source address type", HFILL }},
289
290 { &hf_sap_flags_r,
291 { "Reserved", "sap.flags.r",
292 FT_BOOLEAN, 8, TFS(&tfs_set_notset), MCAST_SAP_BIT_R,
293 NULL, HFILL }},
294
295 { &hf_sap_flags_t,
296 { "Message Type", "sap.flags.t",
297 FT_BOOLEAN, 8, TFS(&mcast_sap_message_type), MCAST_SAP_BIT_T,
298 "Announcement type", HFILL }},
299
300 { &hf_sap_flags_e,
301 { "Encryption Bit", "sap.flags.e",
302 FT_BOOLEAN, 8, TFS(&mcast_sap_crypt_type), MCAST_SAP_BIT_E,
303 NULL, HFILL }},
304
305 { &hf_sap_flags_c,
306 { "Compression Bit", "sap.flags.c",
307 FT_BOOLEAN, 8, TFS(&mcast_sap_comp_type), MCAST_SAP_BIT_C,
308 NULL, HFILL }},
309
310 { &hf_auth_data,
311 { "Authentication data", "sap.auth",
312 FT_NONE, BASE_NONE, NULL, 0x0,
313 NULL, HFILL }},
314
315 { &hf_auth_flags,
316 { "Authentication data flags", "sap.auth.flags",
317 FT_UINT8, BASE_HEX, NULL, 0x0,
318 NULL, HFILL }},
319
320 { &hf_auth_flags_v,
321 { "Version Number", "sap.auth.flags.v",
322 FT_UINT8, BASE_DEC, VALS(mcast_sap_auth_ver), MCAST_SAP_VERSION_MASK,
323 NULL, HFILL }},
324
325 { &hf_auth_flags_p,
326 { "Padding Bit", "sap.auth.flags.p",
327 FT_BOOLEAN, 8, TFS(&mcast_sap_auth_pad), MCAST_SAP_AUTH_BIT_P,
328 NULL, HFILL }},
329
330 { &hf_auth_flags_t,
331 { "Authentication Type", "sap.auth.flags.t",
332 FT_UINT8, BASE_DEC, VALS(mcast_sap_auth_type), MCAST_SAP_AUTH_TYPE_MASK,
333 NULL, HFILL }},
334
335 /* Generated from convert_proto_tree_add_text.pl */
336 { &hf_sap_auth_len, { "Authentication Length", "sap.auth.len", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
337 { &hf_sap_message_identifier_hash, { "Message Identifier Hash", "sap.message_identifier_hash", FT_UINT16, BASE_HEX, NULL, 0x0, NULL, HFILL }},
338 { &hf_sap_originating_source_ipv4, { "Originating Source", "sap.originating_source", FT_IPv4, BASE_NONE, NULL, 0x0, NULL, HFILL }},
339 { &hf_sap_originating_source_ipv6, { "Originating Source", "sap.originating_source.ipv6", FT_IPv6, BASE_NONE, NULL, 0x0, NULL, HFILL }},
340 { &hf_sap_auth_subheader, { "Authentication subheader", "sap.auth.subheader", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
341 { &hf_sap_auth_data_padding, { "Authentication data padding", "sap.auth.data_padding", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
342 { &hf_sap_auth_data_padding_len, { "Authentication data pad count (bytes)", "sap.auth.data_padding.len", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
343 { &hf_sap_payload_type, { "Payload type", "sap.payload_type", FT_STRING, BASE_NONE, NULL, 0x0, NULL, HFILL }},
344
345 };
346 static int *ett[] = {
347 &ett_sap,
348 &ett_sap_flags,
349 &ett_sap_auth,
350 &ett_sap_authf,
351 };
352
353 static ei_register_info ei[] = {
354 { &ei_sap_compressed_and_encrypted, { "sap.compressed_and_encrypted", PI_UNDECODED, PI_WARN, "The rest of the packet is compressed and encrypted", EXPFILL }},
355 { &ei_sap_encrypted, { "sap.encrypted", PI_UNDECODED, PI_WARN, "The rest of the packet is encrypted", EXPFILL }},
356 { &ei_sap_compressed, { "sap.compressed", PI_UNDECODED, PI_WARN, "The rest of the packet is compressed", EXPFILL }},
357
358 /* Generated from convert_proto_tree_add_text.pl */
359 { &ei_sap_bogus_authentication_or_pad_length, { "sap.bogus_authentication_or_pad_length", PI_PROTOCOL, PI_WARN, "Bogus authentication length", EXPFILL }},
360 };
361
362 expert_module_t* expert_sap;
363
364 proto_sap = proto_register_protocol("Session Announcement Protocol", "SAP", "sap");
365
366 proto_register_field_array(proto_sap, hf, array_length(hf));
367 proto_register_subtree_array(ett, array_length(ett));
368 expert_sap = expert_register_protocol(proto_sap);
369 expert_register_field_array(expert_sap, ei, array_length(ei));
370
371 sap_handle = register_dissector("sap", dissect_sap, proto_sap);
372 }
373
374 void
375 proto_reg_handoff_sap(void)
376 {
377 dissector_add_uint_with_preference("udp.port", UDP_PORT_SAP, sap_handle);
378
379 /*
380 * Get a handle for the SDP dissector.
381 */
382 sdp_handle = find_dissector_add_dependency("sdp", proto_sap);
383 }
384
385 /*
386 * Editor modelines - https://www.wireshark.org/tools/modelines.html
387 *
388 * Local variables:
389 * c-basic-offset: 4
390 * tab-width: 8
391 * indent-tabs-mode: nil
392 * End:
393 *
394 * vi: set shiftwidth=4 tabstop=8 expandtab:
395 * :indentSize=4:tabSize=8:noTabs=true:
396 */
Metzes wireshark repo