search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HACK: pinfo->private_data points to smb_info again
[wireshark-wip.git] / epan / dissectors / packet-tpkt.c
blob73c1ec761bf942094264c1c8bd56277eedf474d1
1 /* packet-tpkt.c
2 *
3 * Routine to check for RFC 1006 TPKT header and to dissect TPKT header
4 * Copyright 2000, Philips Electronics N.V.
5 * Andreas Sikkema <h323@ramdyne.nl>
6 *
7 * Routine to dissect RFC 1006 TPKT packet containing OSI TP PDU
8 * Copyright 2001, Martin Thomas <Martin_A_Thomas@yahoo.com>
9 *
10 * $Id$
11 *
12 * Wireshark - Network traffic analyzer
13 * By Gerald Combs <gerald@wireshark.org>
14 * Copyright 1998 Gerald Combs
15 *
16 * This program is free software; you can redistribute it and/or
17 * modify it under the terms of the GNU General Public License
18 * as published by the Free Software Foundation; either version 2
19 * of the License, or (at your option) any later version.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, write to the Free Software
28 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
29 */
30
31 #include "config.h"
32
33 #include <ctype.h>
34
35 #include <glib.h>
36
37 #include <epan/packet.h>
38 #include <epan/exceptions.h>
39 #include <epan/prefs.h>
40 #include <epan/show_exception.h>
41
42 #include "packet-tpkt.h"
43
44 /* TPKT header fields */
45 static int proto_tpkt = -1;
46 static protocol_t *proto_tpkt_ptr;
47 static int hf_tpkt_version = -1;
48 static int hf_tpkt_reserved = -1;
49 static int hf_tpkt_length = -1;
50
51
52 /* TPKT fields defining a sub tree */
53 static gint ett_tpkt = -1;
54
55 /* desegmentation of OSI over TPKT over TCP */
56 static gboolean tpkt_desegment = TRUE;
57
58 #define TCP_PORT_TPKT 102
59
60 /* find the dissector for OSI TP (aka COTP) */
61 static dissector_handle_t osi_tp_handle;
62
63 /*
64 * Check whether this could be a TPKT-encapsulated PDU.
65 * Returns -1 if it's not, and the PDU length from the TPKT header
66 * if it is.
67 *
68 * "min_len" is the minimum length of the PDU; the length field in the
69 * TPKT header must be at least "4+min_len" in order for this to be a
70 * valid TPKT PDU for the protocol in question.
71 */
72 int
73 is_tpkt(tvbuff_t *tvb, int min_len)
74 {
75 guint16 pkt_len;
76
77 /*
78 * If TPKT is disabled, don't dissect it, just return -1, meaning
79 * "this isn't TPKT".
80 */
81 if (!proto_is_protocol_enabled(proto_tpkt_ptr))
82 return -1;
83
84 /* There should at least be 4 bytes left in the frame */
85 if (tvb_length(tvb) < 4)
86 return -1; /* there aren't */
87
88 /*
89 * The first octet should be 3 and the second one should be 0
90 * The H.323 implementers guide suggests that this might not
91 * always be the case....
92 */
93 if (!(tvb_get_guint8(tvb, 0) == 3 && tvb_get_guint8(tvb, 1) == 0))
94 return -1; /* they're not */
95
96 /*
97 * Get the length from the TPKT header. Make sure it's large
98 * enough.
99 */
100 pkt_len = tvb_get_ntohs(tvb, 2);
101 if (pkt_len < 4 + min_len)
102 return -1; /* it's not */
103
104 /*
105 * Return the length from the header.
106 */
107 return pkt_len;
108 }
109 guint16
110 is_asciitpkt(tvbuff_t *tvb)
111 {
112 guint16 count;
113 /*
114 * If TPKT is disabled, don't dissect it, just return -1, meaning
115 * "this isn't TPKT".
116 */
117 if (!proto_is_protocol_enabled(proto_tpkt_ptr))
118 return -1;
119
120 /* There should at least be 8 bytes left in the frame */
121 if (!tvb_bytes_exist(tvb, 0, 8))
122 return -1; /* there aren't */
123
124 /*
125 * The first four octets should be ASCII
126 */
127 for (count = 0; count <=7 ; count ++)
128 {
129 if(!isalnum(tvb_get_guint8(tvb,count)))
130 {
131 return 0;
132 }
133 }
134 return 1;
135
136
137 }
138 static int
139 parseLengthText ( guint8* pTpktData )
140 {
141 int value = 0;
142 const guint8 * pData = pTpktData;
143 int bitvalue = 0, count1 = 3;
144 int count;
145 for (count = 0; count <= 3; count++)
146 {
147 if (('0' <= *(pData + count)) && (*(pData + count) <= '9'))
148 bitvalue = *(pData + count) - 48;
149 else if (('a' <= *(pData + count)) && (*(pData + count) <= 'f' ))
150 bitvalue = *(pData + count) - 87;
151 else if (('A' <= *(pData + count)) && (*(pData + count) <= 'F' ))
152 bitvalue = *(pData + count) - 55;
153
154 value += bitvalue << (4*count1);
155 count1--;
156 }
157 return value;
158 }
159 static int
160 parseVersionText ( guint8* pTpktData )
161 {
162 int value = 0;
163 guint8 * pData = pTpktData;
164 int bitvalue = 0, count1 = 1;
165 int count;
166 for (count = 0; count <= 1; count++)
167 {
168 if (('0' <= *(pData + count)) && (*(pData + count) <= '9'))
169 bitvalue = *(pData + count) - 48;
170 else if (('a' <= *(pData + count)) && (*(pData + count) <= 'f' ))
171 bitvalue = *(pData + count) - 87;
172 else if (('A' <= *(pData + count)) && (*(pData + count) <= 'F' ))
173 bitvalue = *(pData + count) - 55;
174
175 value += bitvalue << (4*count1);
176 count1--;
177 }
178
179 return value;
180 }
181 static int
182 parseReservedText ( guint8* pTpktData )
183 {
184 int value = 0;
185 guint8 * pData = pTpktData;
186 int bitvalue = 0, count1 = 1;
187 int count;
188 for (count = 0; count <= 1; count++)
189 {
190 if (('0' <= *(pData + count)) && (*(pData + count) <= '9'))
191 bitvalue = *(pData + count) - 48;
192 else if (('a' <= *(pData + count)) && (*(pData + count) <= 'f' ))
193 bitvalue = *(pData + count) - 87;
194 else if (('A' <= *(pData + count)) && (*(pData + count) <= 'F' ))
195 bitvalue = *(pData + count) - 55;
196
197 value += bitvalue << (4*count1);
198 count1--;
199 }
200
201 return value;
202 }
203 /*
204 * Dissect ASCII TPKT-encapsulated data in a TCP stream.
205 */
206 void
207 dissect_asciitpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
208 dissector_handle_t subdissector_handle)
209 {
210 proto_item *ti = NULL;
211 proto_tree *tpkt_tree = NULL;
212 volatile int offset = 0;
213 int length_remaining;
214 int data_len;
215 volatile int mgcp_packet_len = 0;
216 int mgcp_version = 0;
217 int mgcp_reserved = 0;
218 volatile int length;
219 tvbuff_t *volatile next_tvb;
220 const char *saved_proto;
221 guint8 string[4];
222 void *pd_save;
223
224 /*
225 * If we're reassembling segmented TPKT PDUs, empty the COL_INFO
226 * column, so subdissectors can append information
227 * without having to worry about emptying the column.
228 *
229 * We use "col_add_str()" because the subdissector
230 * might be appending information to the column, in
231 * which case we'd have to zero the buffer out explicitly
232 * anyway.
233 */
234 if (tpkt_desegment)
235 col_set_str(pinfo->cinfo, COL_INFO, "");
236
237 while (tvb_reported_length_remaining(tvb, offset) != 0) {
238 /*
239 * Is the first byte of this putative TPKT header
240 * a valid TPKT version number, i.e. 3?
241 */
242 if (tvb_get_guint8(tvb, offset) != 48) {
243 /*
244 * No, so don't assume this is a TPKT header;
245 * we might be in the middle of TPKT data,
246 * so don't get the length and don't try to
247 * do reassembly.
248 */
249 col_set_str(pinfo->cinfo, COL_PROTOCOL, "TPKT");
250 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
251 if (tree) {
252 ti = proto_tree_add_item(tree, proto_tpkt, tvb,
253 offset, -1, ENC_NA);
254 tpkt_tree = proto_item_add_subtree(ti, ett_tpkt);
255 proto_item_set_text(ti, "TPKT");
256
257 proto_tree_add_text(tpkt_tree, tvb, offset, -1,
258 "Continuation data");
259 }
260 return;
261 }
262
263 length_remaining = tvb_length_remaining(tvb, offset);
264
265 /*
266 * Get the length from the TPKT header.
267 */
268
269 tvb_memcpy(tvb, (guint8 *)string, offset, 2);
270 mgcp_version = parseVersionText(string);
271 tvb_memcpy(tvb, (guint8 *)string, offset +2, 2);
272 mgcp_reserved = parseReservedText(string);
273 tvb_memcpy(tvb, (guint8 *)string, offset + 4, 4);
274 mgcp_packet_len = parseLengthText(string);
275 data_len = mgcp_packet_len;
276
277 /*
278 * Dissect the TPKT header.
279 * Save and restore "pinfo->current_proto".
280 */
281 saved_proto = pinfo->current_proto;
282 pinfo->current_proto = "TPKT";
283
284 col_set_str(pinfo->cinfo, COL_PROTOCOL, "TPKT");
285 /*
286 * Don't add the TPKT header information if we're
287 * reassembling segmented TPKT PDUs or if this
288 * PDU isn't reassembled.
289 *
290 * XXX - the first is so that subdissectors can append
291 * information without getting TPKT stuff in the middle;
292 * why the second?
293 */
294 if (!tpkt_desegment && !pinfo->fragmented) {
295 col_add_fstr(pinfo->cinfo, COL_INFO,
296 "TPKT Data length = %u", data_len);
297 }
298
299 if (tree) {
300 ti = proto_tree_add_item(tree, proto_tpkt, tvb,
301 offset, 8, ENC_NA);
302 tpkt_tree = proto_item_add_subtree(ti, ett_tpkt);
303 proto_item_set_text(ti, "TPKT");
304
305 /* Version */
306 proto_tree_add_uint(tpkt_tree, hf_tpkt_version, tvb,
307 offset, 2, mgcp_version);
308
309 /* Reserved octet*/
310 proto_tree_add_uint(tpkt_tree, hf_tpkt_reserved, tvb,
311 offset + 2, 2, mgcp_reserved);
312
313 /* Length */
314 proto_tree_add_uint(tpkt_tree, hf_tpkt_length, tvb,
315 offset + 4, 4, mgcp_packet_len);
316 }
317 pinfo->current_proto = saved_proto;
318
319 /* Skip the TPKT header. */
320 offset += TEXT_LAYER_LENGTH;
321 length = length_remaining - TEXT_LAYER_LENGTH;
322 if (length > data_len)
323 length = data_len;
324
325 next_tvb = tvb_new_subset(tvb, offset,length, data_len);
326
327 /*
328 * Call the subdissector.
329 *
330 * If it gets an error that means there's no point in
331 * dissecting any more TPKT messages, rethrow the
332 * exception in question.
333 *
334 * If it gets any other error, report it and continue, as that
335 * means that TPKT message got an error, but that doesn't mean
336 * we should stop dissecting TPKT messages within this frame
337 * or chunk of reassembled data.
338 */
339 pd_save = pinfo->private_data;
340 TRY {
341 call_dissector(subdissector_handle, next_tvb, pinfo,
342 tree);
343 }
344 CATCH_NONFATAL_ERRORS {
345 /* Restore the private_data structure in case one of the
346 * called dissectors modified it (and, due to the exception,
347 * was unable to restore it).
348 */
349 pinfo->private_data = pd_save;
350
351 show_exception(tvb, pinfo, tree, EXCEPT_CODE, GET_MESSAGE);
352 }
353 ENDTRY;
354
355 /*
356 * Skip the payload.
357 */
358 offset += data_len;
359 }
360 }
361
362 /*
363 * Dissect TPKT-encapsulated data in a TCP stream.
364 */
365 void
366 dissect_tpkt_encap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
367 gboolean desegment, dissector_handle_t subdissector_handle)
368 {
369 proto_item *ti = NULL;
370 proto_tree *tpkt_tree = NULL;
371 volatile int offset = 0;
372 int length_remaining;
373 int data_len;
374 volatile int length;
375 tvbuff_t *volatile next_tvb;
376 const char *saved_proto;
377 void *pd_save;
378
379 /*
380 * If we're reassembling segmented TPKT PDUs, empty the COL_INFO
381 * column, so subdissectors can append information
382 * without having to worry about emptying the column.
383 *
384 * We use "col_add_str()" because the subdissector
385 * might be appending information to the column, in
386 * which case we'd have to zero the buffer out explicitly
387 * anyway.
388 */
389 if (desegment)
390 col_set_str(pinfo->cinfo, COL_INFO, "");
391
392 while (tvb_reported_length_remaining(tvb, offset) != 0) {
393 /*
394 * Is the first byte of this putative TPKT header
395 * a valid TPKT version number, i.e. 3?
396 */
397 if (tvb_get_guint8(tvb, offset) != 3) {
398 /*
399 * No, so don't assume this is a TPKT header;
400 * we might be in the middle of TPKT data,
401 * so don't get the length and don't try to
402 * do reassembly.
403 */
404 col_set_str(pinfo->cinfo, COL_PROTOCOL, "TPKT");
405 col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
406 if (tree) {
407 ti = proto_tree_add_item(tree, proto_tpkt, tvb,
408 offset, -1, ENC_NA);
409 tpkt_tree = proto_item_add_subtree(ti, ett_tpkt);
410 proto_item_set_text(ti, "TPKT");
411
412 proto_tree_add_text(tpkt_tree, tvb, offset, -1,
413 "Continuation data");
414 }
415 return;
416 }
417
418 length_remaining = tvb_length_remaining(tvb, offset);
419
420 /*
421 * Can we do reassembly?
422 */
423 if (desegment && pinfo->can_desegment) {
424 /*
425 * Yes - is the TPKT header split across segment
426 * boundaries?
427 */
428 if (length_remaining < 4) {
429 /*
430 * Yes. Tell the TCP dissector where the data
431 * for this message starts in the data it
432 * handed us and that we need "some more data."
433 * Don't tell it exactly how many bytes we need
434 * because if/when we ask for even more (after
435 * the header) that will break reassembly.
436 */
437 pinfo->desegment_offset = offset;
438 pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT;
439 return;
440 }
441 }
442
443 /*
444 * Get the length from the TPKT header.
445 */
446 data_len = tvb_get_ntohs(tvb, offset + 2);
447
448 /*
449 * Can we do reassembly?
450 */
451 if (desegment && pinfo->can_desegment) {
452 /*
453 * Yes - is the payload split across segment
454 * boundaries?
455 */
456 if (length_remaining < data_len) {
457 /*
458 * Yes. Tell the TCP dissector where
459 * the data for this message starts in
460 * the data it handed us, and how many
461 * more bytes we need, and return.
462 */
463 pinfo->desegment_offset = offset;
464 pinfo->desegment_len =
465 data_len - length_remaining;
466 return;
467 }
468 }
469
470 /*
471 * Dissect the TPKT header.
472 * Save and restore "pinfo->current_proto".
473 */
474 saved_proto = pinfo->current_proto;
475 pinfo->current_proto = "TPKT";
476
477 col_set_str(pinfo->cinfo, COL_PROTOCOL, "TPKT");
478 /*
479 * Don't add the TPKT header information if we're
480 * reassembling segmented TPKT PDUs or if this
481 * PDU isn't reassembled.
482 *
483 * XXX - the first is so that subdissectors can append
484 * information without getting TPKT stuff in the middle;
485 * why the second?
486 */
487 if (!desegment && !pinfo->fragmented) {
488 col_add_fstr(pinfo->cinfo, COL_INFO,
489 "TPKT Data length = %u", data_len);
490 }
491
492 if (tree) {
493 ti = proto_tree_add_item(tree, proto_tpkt, tvb,
494 offset, 4, ENC_NA);
495 tpkt_tree = proto_item_add_subtree(ti, ett_tpkt);
496 proto_item_set_text(ti, "TPKT");
497
498 /* Version */
499 proto_tree_add_item(tpkt_tree, hf_tpkt_version, tvb,
500 offset, 1, ENC_BIG_ENDIAN);
501 proto_item_append_text(ti, ", Version: 3");
502
503 /* Reserved octet*/
504 proto_tree_add_item(tpkt_tree, hf_tpkt_reserved, tvb,
505 offset + 1, 1, ENC_BIG_ENDIAN);
506
507 /* Length */
508 proto_tree_add_uint(tpkt_tree, hf_tpkt_length, tvb,
509 offset + 2, 2, data_len);
510 proto_item_append_text(ti, ", Length: %u", data_len);
511 }
512 pinfo->current_proto = saved_proto;
513
514 /* Skip the TPKT header. */
515 offset += 4;
516 data_len -= 4;
517
518 /*
519 * Construct a tvbuff containing the amount of the payload
520 * we have available. Make its reported length the
521 * amount of data in this TPKT packet.
522 *
523 * XXX - if reassembly isn't enabled. the subdissector
524 * will throw a BoundsError exception, rather than a
525 * ReportedBoundsError exception. We really want
526 * a tvbuff where the length is "length", the reported
527 * length is "plen + 2", and the "if the snapshot length
528 * were infinite" length were the minimum of the
529 * reported length of the tvbuff handed to us and "plen+2",
530 * with a new type of exception thrown if the offset is
531 * within the reported length but beyond that third length,
532 * with that exception getting the "Unreassembled Packet"
533 * error.
534 */
535 length = length_remaining - 4;
536 if (length > data_len)
537 length = data_len;
538 next_tvb = tvb_new_subset(tvb, offset, length, data_len);
539
540 /*
541 * Call the subdissector.
542 *
543 * If it gets an error that means there's no point in
544 * dissecting any more TPKT messages, rethrow the
545 * exception in question.
546 *
547 * If it gets any other error, report it and continue,
548 * as that means that TPKT message got an error, but
549 * that doesn't mean we should stop dissecting TPKT
550 * messages within this frame or chunk of reassembled
551 * data.
552 */
553 pd_save = pinfo->private_data;
554 TRY {
555 call_dissector(subdissector_handle, next_tvb, pinfo,
556 tree);
557 }
558 CATCH_NONFATAL_ERRORS {
559 /* Restore the private_data structure in case one of the
560 * called dissectors modified it (and, due to the exception,
561 * was unable to restore it).
562 */
563 pinfo->private_data = pd_save;
564
565 show_exception(tvb, pinfo, tree, EXCEPT_CODE, GET_MESSAGE);
566 }
567 ENDTRY;
568
569 /*
570 * Skip the payload.
571 */
572 offset += length;
573 }
574 }
575
576 /*
577 * Dissect RFC 1006 TPKT, which wraps a TPKT header around an OSI TP
578 * PDU.
579 */
580 static void
581 dissect_tpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
582 {
583 dissect_tpkt_encap(tvb, pinfo, tree, tpkt_desegment, osi_tp_handle);
584 }
585
586 /*
587 * Dissect ASCII TPKT, which wraps a ASCII TPKT header around an OSI TP
588 * PDU.
589 */
590 #if 0
591 static void
592 dissect_ascii_tpkt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
593 {
594 dissect_asciitpkt(tvb, pinfo, tree, osi_tp_handle);
595 }
596 #endif
597
598 void
599 proto_register_tpkt(void)
600 {
601 static hf_register_info hf[] =
602 {
603 {
604 &hf_tpkt_version,
605 {
606 "Version",
607 "tpkt.version",
608 FT_UINT8,
609 BASE_DEC,
610 NULL,
611 0x0,
612 "Version, only version 3 is defined", HFILL
613 }
614 },
615 {
616 &hf_tpkt_reserved,
617 {
618 "Reserved",
619 "tpkt.reserved",
620 FT_UINT8,
621 BASE_DEC,
622 NULL,
623 0x0,
624 "Reserved, should be 0", HFILL
625 }
626 },
627 {
628 &hf_tpkt_length,
629 {
630 "Length",
631 "tpkt.length",
632 FT_UINT16,
633 BASE_DEC,
634 NULL,
635 0x0,
636 "Length of data unit, including this header", HFILL
637 }
638 },
639 };
640
641 static gint *ett[] =
642 {
643 &ett_tpkt,
644 };
645 module_t *tpkt_module;
646
647 proto_tpkt = proto_register_protocol("TPKT - ISO on TCP - RFC1006", "TPKT", "tpkt");
648 proto_tpkt_ptr = find_protocol_by_id(proto_tpkt);
649 proto_register_field_array(proto_tpkt, hf, array_length(hf));
650 proto_register_subtree_array(ett, array_length(ett));
651 register_dissector("tpkt", dissect_tpkt, proto_tpkt);
652
653 tpkt_module = prefs_register_protocol(proto_tpkt, NULL);
654 prefs_register_bool_preference(tpkt_module, "desegment",
655 "Reassemble TPKT messages spanning multiple TCP segments",
656 "Whether the TPKT dissector should reassemble messages spanning multiple TCP segments. "
657 "To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
658 &tpkt_desegment);
659 }
660
661 void
662 proto_reg_handoff_tpkt(void)
663 {
664 dissector_handle_t tpkt_handle;
665
666 osi_tp_handle = find_dissector("ositp");
667 tpkt_handle = find_dissector("tpkt");
668 dissector_add_uint("tcp.port", TCP_PORT_TPKT, tpkt_handle);
669
670 /*
671 tpkt_ascii_handle = create_dissector_handle(dissect_ascii_tpkt, proto_tpkt);
672 dissector_add_uint("tcp.port", TCP_PORT_TPKT, tpkt_ascii_handle);
673 */
674
675 }