epan/dissectors/packet-omapi.c

   1 /* packet-omapi.c
   2  * ISC OMAPI (Object Management API) dissector
   3  * Copyright 2006, Jaap Keuter <jaap.keuter@xs4all.nl>
   4  *
   5  * $Id$
   6  *
   7  * Wireshark - Network traffic analyzer
   8  * By Gerald Combs <gerald@wireshark.org>
   9  * Copyright 1998 Gerald Combs
  10  *
  11  * This program is free software; you can redistribute it and/or
  12  * modify it under the terms of the GNU General Public License
  13  * as published by the Free Software Foundation; either version 2
  14  * of the License, or (at your option) any later version.
  15  *
  16  * This program is distributed in the hope that it will be useful,
  17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  19  * GNU General Public License for more details.
  20  *
  21  * You should have received a copy of the GNU General Public License
  22  * along with this program; if not, write to the Free Software
  23  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  24  */
  25
  26 /*
  27  * From the description api+protocol.
  28  * All fields are 32 bit unless stated otherwise.
  29  *
  30  * On startup, each side sends a status message indicating what version
  31  * of the protocol they are speaking. The status message looks like this:
  32  * +---------+---------+
  33  * | version | hlength |
  34  * +---------+---------+
  35  *
  36  * The fixed-length header consists of:
  37  * +--------+----+--------+----+-----+---------+------------+------------+-----+
  38  * | authid | op | handle | id | rid | authlen | msg values | obj values | sig |
  39  * +--------+----+--------+----+-----+---------+------v-----+-----v------+--v--+
  40  * NOTE: real life capture shows order to be: authid, authlen, opcode, handle...
  41  *
  42  * The message and object values consists of:
  43  * +---------+------+----------+-------+
  44  * | namelen | name | valuelen | value |
  45  * +---16b---+--v---+----------+---v---+
  46  */
  47
  48 #include "config.h"
  49
  50 #include <epan/packet.h>
  51 #include <epan/ptvcursor.h>
  52
  53 static int proto_omapi = -1;
  54 static int hf_omapi_version = -1;
  55 static int hf_omapi_hlength = -1;
  56 static int hf_omapi_auth_id = -1;
  57 static int hf_omapi_auth_len = -1;
  58 static int hf_omapi_opcode = -1;
  59 static int hf_omapi_handle = -1;
  60 static int hf_omapi_id = -1;
  61 static int hf_omapi_rid = -1;
  62 static int hf_omapi_msg_name_len = -1; /* 16bit */
  63 static int hf_omapi_msg_name = -1;
  64 static int hf_omapi_msg_value_len = -1;
  65 static int hf_omapi_msg_value = -1;
  66 static int hf_omapi_obj_name_len = -1; /* 16bit */
  67 static int hf_omapi_obj_name = -1;
  68 static int hf_omapi_obj_value_len = -1;
  69 static int hf_omapi_obj_value = -1;
  70 static int hf_omapi_signature = -1;
  71
  72 static gint ett_omapi = -1;
  73
  74 #define OMAPI_PORT 7911
  75
  76 #define OP_OPEN         1
  77 #define OP_REFRESH      2
  78 #define OP_UPDATE       3
  79 #define OP_NOTIFY       4
  80 #define OP_ERROR        5
  81 #define OP_DELETE       6
  82 #define OP_NOTIFY_CANCEL        7
  83 #define OP_NOTIFY_CANCELLED     8
  84
  85 static const value_string omapi_opcode_vals[] = {
  86   { OP_OPEN,    "Open" },
  87   { OP_REFRESH, "Refresh" },
  88   { OP_UPDATE,  "Update" },
  89   { OP_NOTIFY,  "Notify" },
  90   { OP_ERROR,   "Error" },
  91   { OP_DELETE,  "Delete" },
  92   { OP_NOTIFY_CANCEL,   "Notify cancel" },
  93   { OP_NOTIFY_CANCELLED,"Notify cancelled" },
  94   { 0, NULL }
  95 };
  96
  97 static void
  98 dissect_omapi(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
  99 {
 100   proto_item *ti;
 101   proto_tree *omapi_tree;
 102   ptvcursor_t* cursor;
 103
 104   guint32 authlength;
 105   guint32 msglength;
 106   guint32 objlength;
 107
 108
 109   col_set_str(pinfo->cinfo, COL_PROTOCOL, "OMAPI");
 110
 111   col_clear(pinfo->cinfo, COL_INFO);
 112
 113   ti = proto_tree_add_item(tree, proto_omapi, tvb, 0, -1, ENC_NA);
 114   omapi_tree = proto_item_add_subtree(ti, ett_omapi);
 115   cursor = ptvcursor_new(omapi_tree, tvb, 0);
 116
 117   if (tvb_reported_length_remaining(tvb, 0) < 8)
 118   {
 119     /* Payload too small for OMAPI */
 120     DISSECTOR_ASSERT_NOT_REACHED();
 121   }
 122   else if (tvb_reported_length_remaining(tvb, 0) < 24)
 123   {
 124     /* This is a startup message */
 125     ptvcursor_add(cursor, hf_omapi_version, 4, ENC_BIG_ENDIAN);
 126     ptvcursor_add(cursor, hf_omapi_hlength, 4, ENC_BIG_ENDIAN);
 127
 128     col_set_str(pinfo->cinfo, COL_INFO, "Status message");
 129     proto_item_append_text(ti, ", Status message");
 130
 131     return;
 132   }
 133   else if ( !(tvb_get_ntohl(tvb, 8) || tvb_get_ntohl(tvb, 12)) )
 134   {
 135     /* This is a startup message, and more */
 136     ptvcursor_add(cursor, hf_omapi_version, 4, ENC_BIG_ENDIAN);
 137     ptvcursor_add(cursor, hf_omapi_hlength, 4, ENC_BIG_ENDIAN);
 138
 139     col_append_str(pinfo->cinfo, COL_INFO, "Status message");
 140
 141     proto_item_append_text(ti, ", Status message");
 142   }
 143
 144   ptvcursor_add(cursor, hf_omapi_auth_id, 4, ENC_BIG_ENDIAN);
 145   authlength = tvb_get_ntohl(tvb, ptvcursor_current_offset(cursor));
 146   ptvcursor_add(cursor, hf_omapi_auth_len, 4, ENC_BIG_ENDIAN);
 147
 148   col_append_sep_str(pinfo->cinfo, COL_INFO, NULL,
 149       val_to_str(tvb_get_ntohl(tvb, ptvcursor_current_offset(cursor)), omapi_opcode_vals, "Unknown opcode (0x%04x)"));
 150
 151   proto_item_append_text(ti, ", Opcode: %s",
 152     val_to_str(tvb_get_ntohl(tvb, ptvcursor_current_offset(cursor)), omapi_opcode_vals, "Unknown opcode (0x%04x)"));
 153
 154   ptvcursor_add(cursor, hf_omapi_opcode, 4, ENC_BIG_ENDIAN);
 155   ptvcursor_add(cursor, hf_omapi_handle, 4, ENC_BIG_ENDIAN);
 156   ptvcursor_add(cursor, hf_omapi_id, 4, ENC_BIG_ENDIAN);
 157   ptvcursor_add(cursor, hf_omapi_rid, 4, ENC_BIG_ENDIAN);
 158
 159   msglength = tvb_get_ntohs(tvb, ptvcursor_current_offset(cursor));
 160   while (msglength)
 161   {
 162     ptvcursor_add(cursor, hf_omapi_msg_name_len, 2, ENC_BIG_ENDIAN);
 163     ptvcursor_add(cursor, hf_omapi_msg_name, msglength, ENC_ASCII|ENC_NA);
 164     msglength = tvb_get_ntohl(tvb, ptvcursor_current_offset(cursor));
 165     ptvcursor_add(cursor, hf_omapi_msg_value_len, 4, ENC_BIG_ENDIAN);
 166
 167     if (msglength == 0)
 168     {
 169       proto_tree_add_text(omapi_tree, tvb, 0, 0, "Empty string");
 170     }
 171     else if (msglength == (guint32)~0)
 172     {
 173       proto_tree_add_text(omapi_tree, tvb, 0, 0, "No value");
 174     }
 175     else
 176     {
 177       ptvcursor_add(cursor, hf_omapi_msg_value, msglength, ENC_ASCII|ENC_NA);
 178     }
 179
 180     msglength = tvb_get_ntohs(tvb, ptvcursor_current_offset(cursor));
 181   }
 182
 183   proto_tree_add_text(omapi_tree, tvb, ptvcursor_current_offset(cursor), 2, "Message end tag");
 184   ptvcursor_advance(cursor, 2);
 185
 186   objlength = tvb_get_ntohs(tvb, ptvcursor_current_offset(cursor));
 187   while (objlength)
 188   {
 189     ptvcursor_add(cursor, hf_omapi_obj_name_len, 2, ENC_BIG_ENDIAN);
 190     ptvcursor_add(cursor, hf_omapi_obj_name, objlength, ENC_ASCII|ENC_NA);
 191     objlength = tvb_get_ntohl(tvb, ptvcursor_current_offset(cursor));
 192     ptvcursor_add(cursor, hf_omapi_obj_value_len, 4, ENC_BIG_ENDIAN);
 193
 194     if (objlength == 0)
 195     {
 196       proto_tree_add_text(omapi_tree, tvb, 0, 0, "Empty string");
 197     }
 198     else if (objlength == (guint32)~0)
 199     {
 200       proto_tree_add_text(omapi_tree, tvb, 0, 0, "No value");
 201     }
 202     else
 203     {
 204       ptvcursor_add(cursor, hf_omapi_obj_value, objlength, ENC_NA);
 205     }
 206
 207     objlength = tvb_get_ntohs(tvb, ptvcursor_current_offset(cursor));
 208   }
 209
 210   proto_tree_add_text(omapi_tree, tvb, ptvcursor_current_offset(cursor), 2, "Object end tag");
 211   ptvcursor_advance(cursor, 2);
 212
 213   if (authlength > 0) {
 214     ptvcursor_add(cursor, hf_omapi_signature, authlength, ENC_NA);
 215   }
 216 }
 217
 218 void
 219 proto_register_omapi(void)
 220 {
 221   static hf_register_info hf[] = {
 222     { &hf_omapi_version,
 223       { "Version", "omapi.version",
 224         FT_UINT32, BASE_DEC, NULL, 0x0,
 225         NULL, HFILL }},
 226     { &hf_omapi_hlength,
 227       { "Header length", "omapi.hlength",
 228         FT_UINT32, BASE_DEC, NULL, 0x0,
 229         NULL, HFILL }},
 230     { &hf_omapi_auth_id,
 231       { "Authentication ID", "omapi.authid",
 232         FT_UINT32, BASE_DEC, NULL, 0x0,
 233         NULL, HFILL }},
 234     { &hf_omapi_auth_len,
 235       { "Authentication length", "omapi.authlength",
 236         FT_UINT32, BASE_DEC, NULL, 0x0,
 237         NULL, HFILL }},
 238     { &hf_omapi_opcode,
 239       { "Opcode", "omapi.opcode",
 240         FT_UINT32, BASE_DEC, VALS(omapi_opcode_vals), 0x0,
 241         NULL, HFILL }},
 242     { &hf_omapi_handle,
 243       { "Handle", "omapi.handle",
 244         FT_UINT32, BASE_DEC, NULL, 0x0,
 245         NULL, HFILL }},
 246     { &hf_omapi_id,
 247       { "ID", "omapi.id",
 248         FT_UINT32, BASE_DEC, NULL, 0x0,
 249         NULL, HFILL }},
 250     { &hf_omapi_rid,
 251       { "Response ID", "omapi.rid",
 252         FT_UINT32, BASE_DEC, NULL, 0x0,
 253         NULL, HFILL }},
 254     { &hf_omapi_msg_name_len,
 255       { "Message name length", "omapi.msg_name_length",
 256         FT_UINT16, BASE_DEC, NULL, 0x0,
 257         NULL, HFILL }},
 258     { &hf_omapi_msg_name,
 259       { "Message name", "omapi.msg_name",
 260         FT_STRING, BASE_NONE, NULL, 0x0,
 261         NULL, HFILL }},
 262     { &hf_omapi_msg_value_len,
 263       { "Message value length", "omapi.msg_value_length",
 264         FT_UINT32, BASE_DEC, NULL, 0x0,
 265         NULL, HFILL }},
 266     { &hf_omapi_msg_value,
 267       { "Message value", "omapi.msg_value",
 268         FT_STRING, BASE_NONE, NULL, 0x0,
 269         NULL, HFILL }},
 270     { &hf_omapi_obj_name_len,
 271       { "Object name length", "omapi.obj_name_length",
 272         FT_UINT16, BASE_DEC, NULL, 0x0,
 273         NULL, HFILL }},
 274     { &hf_omapi_obj_name,
 275       { "Object name", "omapi.obj_name",
 276         FT_STRING, BASE_NONE, NULL, 0x0,
 277         NULL, HFILL }},
 278     { &hf_omapi_obj_value_len,
 279       { "Object value length", "omapi.object_value_length",
 280         FT_UINT32, BASE_DEC, NULL, 0x0,
 281         NULL, HFILL }},
 282     { &hf_omapi_obj_value,
 283       { "Object value", "omapi.obj_value",
 284         FT_BYTES, BASE_NONE, NULL, 0x0,
 285         NULL, HFILL }},
 286     { &hf_omapi_signature,
 287       { "Signature", "omapi.signature",
 288         FT_BYTES, BASE_NONE, NULL, 0x0,
 289         NULL, HFILL }}
 290   };
 291
 292   static gint *ett[] = {
 293     &ett_omapi
 294   };
 295
 296   proto_omapi = proto_register_protocol("ISC Object Management API", "OMAPI", "omapi");
 297   proto_register_field_array(proto_omapi, hf, array_length(hf));
 298   proto_register_subtree_array(ett, array_length(ett));
 299 }
 300
 301 void
 302 proto_reg_handoff_omapi(void)
 303 {
 304   dissector_handle_t omapi_handle;
 305
 306   omapi_handle = create_dissector_handle(dissect_omapi, proto_omapi);
 307   dissector_add_uint("tcp.port", OMAPI_PORT, omapi_handle);
 308 }