search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HACK: 2nd try to match RowsetProperties
[wireshark-wip.git] / epan / dissectors / packet-imap.c
blob63cac7ab0a64a3d5d3f46323b92517edc8eef22f
1 /* packet-imap.c
2 * Routines for imap packet dissection
3 * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
4 *
5 * $Id$
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 1998 Gerald Combs
10 *
11 * Copied from packet-tftp.c
12 *
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * as published by the Free Software Foundation; either version 2
16 * of the License, or (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
28 #include "config.h"
29
30 #include <epan/packet.h>
31 #include <epan/strutil.h>
32 #include <epan/wmem/wmem.h>
33 #include "packet-ssl.h"
34
35 #include <stdio.h>
36 #include <ctype.h>
37
38 static int proto_imap = -1;
39 static int hf_imap_isrequest = -1;
40 static int hf_imap_line = -1;
41 static int hf_imap_request = -1;
42 static int hf_imap_request_tag = -1;
43 static int hf_imap_response = -1;
44 static int hf_imap_response_tag = -1;
45 static int hf_imap_request_command = -1;
46 static int hf_imap_response_status = -1;
47 static int hf_imap_request_folder = -1;
48 static int hf_imap_request_uid = -1;
49
50 static gint ett_imap = -1;
51 static gint ett_imap_reqresp = -1;
52
53 static dissector_handle_t imap_handle;
54
55 #define TCP_PORT_IMAP 143
56 #define TCP_PORT_SSL_IMAP 993
57 #define MAX_BUFFER 1024
58
59 static void
60 dissect_imap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
61 {
62 gboolean is_request;
63 proto_tree *imap_tree, *reqresp_tree;
64 proto_item *ti, *hidden_item;
65 gint offset = 0;
66 gint uid_offset = 0;
67 gint folder_offset = 0;
68 const guchar *line;
69 const guchar *uid_line;
70 const guchar *folder_line;
71 gint next_offset;
72 int linelen;
73 int tokenlen;
74 int uid_tokenlen;
75 int folder_tokenlen;
76 const guchar *next_token;
77 const guchar *uid_next_token;
78 const guchar *folder_next_token;
79 guchar *tokenbuf;
80 guchar *command_token;
81 int iter;
82 int commandlen;
83
84 tokenbuf = (guchar *)wmem_alloc(wmem_packet_scope(), MAX_BUFFER);
85 command_token = (guchar *)wmem_alloc(wmem_packet_scope(), MAX_BUFFER);
86 memset(tokenbuf, '\0', MAX_BUFFER);
87 memset(command_token, '\0', MAX_BUFFER);
88 commandlen = 0;
89 folder_offset = 0;
90 folder_tokenlen = 0;
91 folder_line = NULL;
92 col_set_str(pinfo->cinfo, COL_PROTOCOL, "IMAP");
93
94
95 if (pinfo->match_uint == pinfo->destport)
96 is_request = TRUE;
97 else
98 is_request = FALSE;
99
100 /*
101 * Put the first line from the buffer into the summary
102 * (but leave out the line terminator).
103 */
104 linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE);
105 line = tvb_get_ptr(tvb, offset, linelen);
106
107 col_add_fstr(pinfo->cinfo, COL_INFO, "%s: %s",
108 is_request ? "Request" : "Response",
109 format_text(line, linelen));
110
111 if (tree) {
112 ti = proto_tree_add_item(tree, proto_imap, tvb, offset, -1, ENC_NA);
113 imap_tree = proto_item_add_subtree(ti, ett_imap);
114
115 hidden_item = proto_tree_add_boolean(imap_tree, hf_imap_isrequest, tvb, 0, 0, is_request);
116 PROTO_ITEM_SET_HIDDEN(hidden_item);
117
118 while(tvb_length_remaining(tvb, offset) > 0) {
119
120 /*
121 * Find the end of each line
122 *
123 * Note that "tvb_find_line_end()" will return a value that is
124 * not longer than what's in the buffer, so the "tvb_get_ptr()"
125 * call won't throw an exception.
126 */
127 linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE);
128 line = tvb_get_ptr(tvb, offset, linelen);
129
130 /*
131 * Put the line into the protocol tree.
132 */
133 ti = proto_tree_add_item(imap_tree, hf_imap_line, tvb, offset,
134 next_offset - offset, ENC_ASCII|ENC_NA);
135
136 reqresp_tree = proto_item_add_subtree(ti, ett_imap_reqresp);
137
138 /*
139 * Check that the line doesn't begin with '*', because that's a continuation line.
140 * Otherwise if a tag is present then extract tokens.
141 */
142 if ( (line) && ((line[0] != '*') || (TRUE == is_request)) ) {
143 /*
144 * Show each line as tags + requests or replies.
145 */
146
147 /*
148 * Extract the first token, and, if there is a first
149 * token, add it as the request or reply tag.
150 */
151 tokenlen = get_token_len(line, line + linelen, &next_token);
152 if (tokenlen != 0) {
153 proto_tree_add_item(reqresp_tree, (is_request) ? hf_imap_request_tag : hf_imap_response_tag,
154 tvb, offset, tokenlen, ENC_ASCII|ENC_NA);
155
156 offset += (gint) (next_token - line);
157 linelen -= (int) (next_token - line);
158 line = next_token;
159 }
160
161 /*
162 * Extract second token, and, if there is a second
163 * token, and it's not uid, add it as the request or reply command.
164 */
165 tokenlen = get_token_len(line, line + linelen, &next_token);
166 if (tokenlen != 0) {
167 for (iter = 0; iter < tokenlen && iter < MAX_BUFFER-1; iter++) {
168 tokenbuf[iter] = tolower(line[iter]);
169 }
170 if ( TRUE == is_request && strncmp(tokenbuf,"uid",tokenlen) == 0) {
171 proto_tree_add_item(reqresp_tree, hf_imap_request_uid, tvb, offset, tokenlen, ENC_ASCII|ENC_NA);
172 /*
173 * UID is a precursor to a command, if following the tag,
174 * so move to next token to grab the actual command.
175 */
176 uid_offset = offset;
177 uid_offset += (gint) (next_token - line);
178 uid_line = next_token;
179 uid_tokenlen = get_token_len(uid_line, uid_line + (linelen - tokenlen), &uid_next_token);
180 if (tokenlen != 0) {
181 proto_tree_add_item(reqresp_tree, hf_imap_request_command,
182 tvb, uid_offset, uid_tokenlen, ENC_ASCII|ENC_NA);
183
184 /*
185 * Save command string to do specialized processing.
186 */
187 for (iter = 0; iter < uid_tokenlen && iter < MAX_BUFFER-1; iter++) {
188 command_token[iter] = tolower(uid_line[iter]);
189 }
190 commandlen = uid_tokenlen;
191
192 folder_offset = uid_offset;
193 folder_offset += (gint) (uid_next_token - uid_line);
194 folder_line = uid_next_token;
195 folder_tokenlen = get_token_len(folder_line, folder_line + (linelen - tokenlen - uid_tokenlen), &folder_next_token);
196 }
197 } else {
198 /*
199 * Not a UID request so perform normal parsing.
200 */
201 proto_tree_add_item(reqresp_tree, (is_request) ? hf_imap_request_command : hf_imap_response_status,
202 tvb, offset, tokenlen, ENC_ASCII|ENC_NA);
203
204 if (is_request) {
205 /*
206 * Save command string to do specialized processing.
207 */
208 for (iter = 0; iter < tokenlen && iter < 256; iter++) {
209 command_token[iter] = tolower(line[iter]);
210 }
211 commandlen = tokenlen;
212
213 folder_offset = offset;
214 folder_offset += (gint) (next_token - line);
215 folder_line = next_token;
216 folder_tokenlen = get_token_len(folder_line, folder_line + (linelen - tokenlen - 1), &folder_next_token);
217 }
218 }
219
220 if (commandlen > 0 && (
221 strncmp(command_token, "select", commandlen) == 0 ||
222 strncmp(command_token, "examine", commandlen) == 0 ||
223 strncmp(command_token, "create", commandlen) == 0 ||
224 strncmp(command_token, "delete", commandlen) == 0 ||
225 strncmp(command_token, "rename", commandlen) == 0 ||
226 strncmp(command_token, "subscribe", commandlen) == 0 ||
227 strncmp(command_token, "unsubscribe", commandlen) == 0 ||
228 strncmp(command_token, "status", commandlen) == 0 ||
229 strncmp(command_token, "append", commandlen) == 0 ||
230 strncmp(command_token, "search", commandlen) == 0)) {
231 /*
232 * These commands support folder as an argument,
233 * so parse out the folder name.
234 */
235 if (folder_tokenlen != 0)
236 proto_tree_add_item(reqresp_tree, hf_imap_request_folder, tvb, folder_offset, folder_tokenlen, ENC_ASCII|ENC_NA);
237 }
238
239 if ( is_request && (NULL != folder_line) &&
240 strncmp(command_token, "copy", commandlen) == 0) {
241 /*
242 * Handle the copy command separately since folder
243 * is the second argument for this command.
244 */
245 folder_offset += (gint) (folder_next_token - folder_line);
246 folder_line = folder_next_token;
247 folder_tokenlen = get_token_len(folder_line, folder_line + (linelen - tokenlen), &folder_next_token);
248
249 if (folder_tokenlen != 0)
250 proto_tree_add_item(reqresp_tree, hf_imap_request_folder, tvb, folder_offset, folder_tokenlen, ENC_ASCII|ENC_NA);
251 }
252
253 }
254
255 /*
256 * Add the rest of the line as request or reply data.
257 */
258 if (linelen != 0) {
259 proto_tree_add_item(reqresp_tree, (is_request) ? hf_imap_request : hf_imap_response,
260 tvb, offset, linelen, ENC_ASCII|ENC_NA);
261 }
262
263 }
264
265 offset = next_offset; /* Skip over last line and \r\n at the end of it */
266 }
267 }
268 }
269
270 void
271 proto_register_imap(void)
272 {
273 static hf_register_info hf[] = {
274 { &hf_imap_isrequest, { "Request", "imap.isrequest", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "TRUE if IMAP request, FALSE otherwise", HFILL }},
275 { &hf_imap_line, { "Line", "imap.line", FT_STRINGZ, BASE_NONE, NULL, 0x0, "A line of an IMAP message", HFILL }},
276 { &hf_imap_request, { "Request", "imap.request", FT_STRINGZ, BASE_NONE, NULL, 0x0, "Remainder of request line", HFILL }},
277 { &hf_imap_request_tag, { "Request Tag", "imap.request_tag", FT_STRINGZ, BASE_NONE, NULL, 0x0, "First token of request line", HFILL }},
278 { &hf_imap_response, { "Response", "imap.response", FT_STRINGZ, BASE_NONE, NULL, 0x0, "Remainder of response line", HFILL }},
279 { &hf_imap_response_tag, { "Response Tag", "imap.response_tag", FT_STRINGZ, BASE_NONE, NULL, 0x0, "First token of response line", HFILL }},
280 { &hf_imap_request_command, { "Request Command", "imap.request.command", FT_STRINGZ, BASE_NONE, NULL, 0x0, "Request command name", HFILL }},
281 { &hf_imap_response_status, { "Response Status", "imap.response.status", FT_STRINGZ, BASE_NONE, NULL, 0x0, "Response status code", HFILL }},
282 { &hf_imap_request_folder, { "Request Folder", "imap.request.folder", FT_STRINGZ, BASE_NONE, NULL, 0x0, "Request command folder", HFILL }},
283 { &hf_imap_request_uid, { "Request isUID", "imap.request.command.uid", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Request command uid", HFILL }}
284 };
285
286 static gint *ett[] = {
287 &ett_imap,
288 &ett_imap_reqresp,
289 };
290
291 proto_imap = proto_register_protocol("Internet Message Access Protocol",
292 "IMAP", "imap");
293
294 imap_handle = register_dissector("imap", dissect_imap, proto_imap);
295
296 proto_register_field_array(proto_imap, hf, array_length(hf));
297 proto_register_subtree_array(ett, array_length(ett));
298 }
299
300 void
301 proto_reg_handoff_imap(void)
302 {
303 dissector_add_uint("tcp.port", TCP_PORT_IMAP, imap_handle);
304 ssl_dissector_add(TCP_PORT_SSL_IMAP, "imap", TRUE);
305 }